VYPR
← All advisories
High severity7.8NVD Advisory· Published Apr 1, 2025· Updated Apr 6, 2026

CVE-2025-21979

CVE-2025-21979

Description

In the Linux kernel, the following vulnerability has been resolved:

wifi: cfg80211: cancel wiphy_work before freeing wiphy

A wiphy_work can be queued from the moment the wiphy is allocated and initialized (i.e. wiphy_new_nm). When a wiphy_work is queued, the rdev::wiphy_work is getting queued.

If wiphy_free is called before the rdev::wiphy_work had a chance to run, the wiphy memory will be freed, and then when it eventally gets to run it'll use invalid memory.

Fix this by canceling the work before freeing the wiphy.

Affected products

7
  • Linux/Kernel7 versions
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: >=6.1.57,<6.1.132
    • cpe:2.3:o:linux:linux_kernel:6.14:rc1:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:6.14:rc2:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:6.14:rc3:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:6.14:rc4:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:6.14:rc5:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:6.14:rc6:*:*:*:*:*:*

Patches

6
8930a3e1568c
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
0272d4af7f92
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
75d262ad3c36
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
a5158d67bff0
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
dea22de16205
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
72d520476a2f
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

1

News mentions

0

No linked articles in our index yet.