CVE-2025-39919

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

I

n the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: add missing check for rx wcid entries Non-station wcid entries must not be passed to the rx functions. In case of the global wcid entry, it could even lead to corruption in the wcid array due to pointer being casted to struct mt7996_sta_link using container_of.

References

Link	Resource
https://git.kernel.org/stable/c/4a522b01e368eec58d182ecc47d24f49a39e440d	Patch
https://git.kernel.org/stable/c/69dcc19048fcdc3fb166fd25b805470ee8fc0eb1	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.17:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.17:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.17:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.17:rc4::::::

History

11 Dec 2025, 18:23

Type	Values Removed	Values Added
First Time		Linux linux Kernel Linux
CPE		cpe:2.3:o:linux:linux_kernel:6.17:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.17:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.17:rc3:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.17:rc4::::::
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
References	~~() https://git.kernel.org/stable/c/4a522b01e368eec58d182ecc47d24f49a39e440d -~~	() https://git.kernel.org/stable/c/4a522b01e368eec58d182ecc47d24f49a39e440d - Patch
References	~~() https://git.kernel.org/stable/c/69dcc19048fcdc3fb166fd25b805470ee8fc0eb1 -~~	() https://git.kernel.org/stable/c/69dcc19048fcdc3fb166fd25b805470ee8fc0eb1 - Patch
CWE		NVD-CWE-noinfo

02 Oct 2025, 19:12

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-10-01 08:15

Updated : 2026-01-14 18:16

NVD link : CVE-2025-39919

Mitre link : CVE-2025-39919

CVE.ORG link : CVE-2025-39919

JSON object : View

Products Affected

linux_kernel

CWE

NVD-CWE-noinfo

{"id": "CVE-2025-39919", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2025-10-01T08:15:35.120", "references": [{"url": "https://git.kernel.org/stable/c/4a522b01e368eec58d182ecc47d24f49a39e440d", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/69dcc19048fcdc3fb166fd25b805470ee8fc0eb1", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7996: add missing check for rx wcid entries\n\nNon-station wcid entries must not be passed to the rx functions.\nIn case of the global wcid entry, it could even lead to corruption in the wcid\narray due to pointer being casted to struct mt7996_sta_link using container_of."}], "lastModified": "2026-01-14T18:16:40.327", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4C2E438-04A8-4E8E-9CA1-54C86857F8B0", "versionEndExcluding": "6.16.6", "versionStartIncluding": "6.15"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.17:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "327D22EF-390B-454C-BD31-2ED23C998A1C"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.17:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C730CD9A-D969-4A8E-9522-162AAF7C0EE9"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.17:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39982C4B-716E-4B2F-8196-FA301F47807D"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.17:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "340BEEA9-D70D-4290-B502-FBB1032353B1"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}