← Back

CVE-2025-37796

nvd nist
Published: May 1, 2025Modified: Jun 17, 2026

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: at76c50x: fix use after free access in at76_disconnect The memory pointed to by priv is freed at the end of at76_delete_device function (using ieee80211_free_hw). But the code then accesses the udev field of the freed object to put the USB device. This may also lead to a memory leak of the usb device. Fix this by using udev from interface.

Affected (13)

Products: Linux: Linux Kernel
1 product
Linux Kernel
Configuration A
13 vulnerable
Vulnerable SoftwareAffected Versions
Linux
From 3.17.1 to 5.4.293
From 5.11 to 5.15.181
From 5.16 to 6.1.135
From 5.5 to 5.10.237
From 6.13 to 6.14.4
From 6.2 to 6.6.88
From 6.7 to 6.12.25
Version 3.17
Version 3.17 rc5
Version 3.17 rc6
Version 3.17 rc7
Version 6.15 rc1
Version 6.15 rc2

References (10)

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.