CVE-2025-39957

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel’s mac80211 component related to insufficient buffer length validation during hardware scanning. Specifically, the S1G capability element was not accounted for in the scan ies len, leading to a buffer overflow in the ieee80211 prep hw scan() function and a warning in ieee80211 start scan(). This prevents hardware scanning from functioning correctly.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

AZL-68331

BDU:2026-01348

CVE-2025-39957

DLA-4379-1

DSA-6053-1

ECHO-5782-8486-D87B

MGASA-2025-0309

MGASA-2025-0310

OPENSUSE-SU-2025:20081-1

SUSE-SU-2025:21040-1

SUSE-SU-2025:21052-1

SUSE-SU-2025:21056-1

SUSE-SU-2025:21064-1

SUSE-SU-2025:21074-1

SUSE-SU-2025:21139-1

SUSE-SU-2025:21179-1

SUSE-SU-2025:4057-1

SUSE-SU-2025:4128-1

SUSE-SU-2025:4132-1

SUSE-SU-2025:4140-1

SUSE-SU-2025:4141-1

SUSE-SU-2025:4301-1

USN-8095-1

USN-8095-2

USN-8095-3

USN-8095-4

USN-8095-5

USN-8100-1

USN-8125-1

USN-8126-1

USN-8165-1

USN-8261-1

Affected Products

Debian

Linuxmint

Linux Kernel

Suse

Ubuntu

CVE-2025-39957

Weakness Enumeration

Related Identifiers

Affected Products

References · 3447