CVE-2025-39918
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-39918
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-39918.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-39918
- Downstream
- Published
- 2025-10-01T07:55:13.851Z
- Modified
- 2025-11-20T10:09:20.312101Z
- Summary
- wifi: mt76: fix linked list corruption
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
wifi: mt76: fix linked list corruption
Never leave scheduled wcid entries on the temporary on-stack list
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0b3be9d1d34e21dada69c539fbf51a5fe868028aFixede4d5a5fc61fdc65220a1ce078d24c1d20bbb0835
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0b3be9d1d34e21dada69c539fbf51a5fe868028aFixedc91a59b04f928cb4a1436b0e0a27650883d0388a
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0b3be9d1d34e21dada69c539fbf51a5fe868028aFixed49fba87205bec14a0f6bd997635bf3968408161e
Affected versions
v6.*
v6.11
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.10
v6.12.11
v6.12.12
v6.12.13
v6.12.14
v6.12.15
v6.12.16
v6.12.17
v6.12.18
v6.12.19
v6.12.2
v6.12.20
v6.12.21
v6.12.22
v6.12.23
v6.12.24
v6.12.25
v6.12.26
v6.12.27
v6.12.28
v6.12.29
v6.12.3
v6.12.30
v6.12.31
v6.12.32
v6.12.33
v6.12.34
v6.12.35
v6.12.36
v6.12.37
v6.12.38
v6.12.39
v6.12.4
v6.12.40
v6.12.41
v6.12.42
v6.12.43
v6.12.44
v6.12.45
v6.12.5
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.14
v6.14-rc1
v6.14-rc2
v6.14-rc3
v6.14-rc4
v6.14-rc5
v6.14-rc6
v6.14-rc7
v6.15
v6.15-rc1
v6.15-rc2
v6.15-rc3
v6.15-rc4
v6.15-rc5
v6.15-rc6
v6.15-rc7
v6.16
v6.16-rc1
v6.16-rc2
v6.16-rc3
v6.16-rc4
v6.16-rc5
v6.16-rc6
v6.16-rc7
v6.16.1
v6.16.2
v6.16.3
v6.16.4
v6.16.5
v6.17-rc1
v6.17-rc2
Database specific
vanir_signatures
[
{
"target": {
"function": "mt76_txq_schedule_pending",
"file": "drivers/net/wireless/mediatek/mt76/tx.c"
},
"digest": {
"length": 856.0,
"function_hash": "212720000730087359704691375562191358474"
},
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@49fba87205bec14a0f6bd997635bf3968408161e",
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2025-39918-0850156c"
},
{
"target": {
"file": "drivers/net/wireless/mediatek/mt76/tx.c"
},
"digest": {
"line_hashes": [
"138267439242078080705172340941295299112",
"120977755235038558368834309111591782918",
"323537865645816262212918064515062130109",
"281899578624261920066960134100812437069",
"288030081226612803464772723066416612885",
"67728106594344199864197833654397691006",
"198537442580868880006064227835562798394",
"172156630357291234210877600930250380784",
"236496291964694350164624384525929853131",
"196835011798580520365577211176529355718",
"10010374394628639378321874163309405971",
"58246952060188178760958846191835740827",
"137123858755567410346110194246138291949",
"159004979879078562305504627117969136687",
"332752791464276405937534779586905995361",
"138189455336355322269500621534274659049",
"23117162069082499892899229534671220312"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e4d5a5fc61fdc65220a1ce078d24c1d20bbb0835",
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2025-39918-c469c0b2"
},
{
"target": {
"function": "mt76_txq_schedule_pending",
"file": "drivers/net/wireless/mediatek/mt76/tx.c"
},
"digest": {
"length": 856.0,
"function_hash": "212720000730087359704691375562191358474"
},
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e4d5a5fc61fdc65220a1ce078d24c1d20bbb0835",
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2025-39918-d2e69204"
},
{
"target": {
"file": "drivers/net/wireless/mediatek/mt76/tx.c"
},
"digest": {
"line_hashes": [
"138267439242078080705172340941295299112",
"120977755235038558368834309111591782918",
"323537865645816262212918064515062130109",
"281899578624261920066960134100812437069",
"288030081226612803464772723066416612885",
"67728106594344199864197833654397691006",
"198537442580868880006064227835562798394",
"172156630357291234210877600930250380784",
"236496291964694350164624384525929853131",
"196835011798580520365577211176529355718",
"10010374394628639378321874163309405971",
"58246952060188178760958846191835740827",
"137123858755567410346110194246138291949",
"159004979879078562305504627117969136687",
"332752791464276405937534779586905995361",
"138189455336355322269500621534274659049",
"23117162069082499892899229534671220312"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@49fba87205bec14a0f6bd997635bf3968408161e",
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2025-39918-d5d2e77c"
}
]