CVE-2025-68182

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw within the iwlwifi module, specifically in the iwl mld remove link() function. The code frees a memory location referred to as "link" using kfree rcu(), and subsequently attempts to access data from that same memory location (link->fw id) before it is fully deallocated, leading to a potential use-after-free condition. Saving the link->fw id value before freeing the "link" memory resolves this issue.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.