CVE-2025-71227

Published: Feb 18, 2026Modified: Mar 18, 2026

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't WARN for connections on invalid channels It's not clear (to me) how exactly syzbot managed to hit this, but it seems conceivable that e.g. regulatory changed and has disabled a channel between scanning (channel is checked to be usable by cfg80211_get_ies_channel_number) and connecting on the channel later. With one scenario that isn't covered elsewhere described above, the warning isn't good, replace it with a (more informative) error message.

Affected (4)

Products: Linux: Linux Kernel

Linux

1 product

Linux Kernel

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 3.8 to 6.18.10
Linux Linux Kernel	Version 6.19 rc1
Linux Linux Kernel	Version 6.19 rc2
Linux Linux Kernel	Version 6.19 rc3

References (2)

https://git.kernel.org/stable/c/10d3ff7e5812c8d70300f6fa8f524009a06aa7e1

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/99067b58a408a384d2a45c105eb3dce980a862ce

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

Timeline

No history available yet.