PT-2025-14360 · Linux+10 · Linux Kernel+10

Published

2025-03-06

·

Updated

2026-04-20

·

CVE-2025-21979

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A issue in the Linux kernel has been identified where a wiphy work can be queued from the moment the wiphy is allocated and initialized. If wiphy free is called before the rdev::wiphy work had a chance to run, the wiphy memory will be freed, and then when it eventually gets to run it'll use invalid memory. This is resolved by canceling the work before freeing the wiphy.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2025:9080
ALT-PU-2025-12647
ALT-PU-2025-5786
BDU:2025-12106
CVE-2025-21979
DLA-4193-1
DSA-5900-1
ECHO-1315-7507-2A48
INFSA-2025_9080
MGASA-2025-0142
MGASA-2025-0146
OESA-2025-1463
OESA-2025-1464
OPENSUSE-SU-2025_01614-1
OPENSUSE-SU-2025_01707-1
RHSA-2025:9079
RHSA-2025:9080
RHSA-2025_9080
SUSE-SU-2025:01614-1
SUSE-SU-2025:01707-1
SUSE-SU-2025:01919-1
SUSE-SU-2025:01951-1
SUSE-SU-2025:01964-1
SUSE-SU-2025:01967-1
SUSE-SU-2025:20192-1
SUSE-SU-2025:20206-1
SUSE-SU-2025:20270-1
SUSE-SU-2025:20283-1
SUSE-SU-2025_01614-1
SUSE-SU-2025_01707-1
SUSE-SU-2025_01951-1
SUSE-SU-2025_01964-1
SUSE-SU-2025_01967-1
USN-7605-1
USN-7605-2
USN-7606-1
USN-7628-1
USN-7764-1
USN-7764-2
USN-7765-1
USN-7766-1
USN-7767-1
USN-7767-2
USN-7779-1
USN-7790-1
USN-7800-1
USN-7801-1
USN-7801-2
USN-7801-3
USN-7802-1
USN-7809-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu