VYPR
High severity7.8NVD Advisory· Published Sep 19, 2025· Updated May 12, 2026

CVE-2025-39864

CVE-2025-39864

Description

In the Linux kernel, the following vulnerability has been resolved:

wifi: cfg80211: fix use-after-free in cmp_bss()

Following bss_free() quirk introduced in commit 776b3580178f ("cfg80211: track hidden SSID networks properly"), adjust cfg80211_update_known_bss() to free the last beacon frame elements only if they're not shared via the corresponding 'hidden_beacon_bss' pointer.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

193

Patches

Vulnerability mechanics

References

12

News mentions

1