Linux Kernel mac80211 Channel Context Use-After-Free Vulnerability

Vulnerability

A use-after-free vulnerability has been identified in the Linux kernel's mac80211 wireless networking component, specifically within the channel context management code. The issue arises in the function 'ieee80211_vif_use_reserved_context()', where an old channel context can be freed while still being referenced. This occurs when the new context's replace state is set to 'IEEE80211_CHANCTX_REPLACE_NONE': the old context is released, but the pointer to it is not nullified, so later code can access freed memory.
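
The pattern described above, reduced to a userspace C model. This is an added example, not the kernel's code or its patch; the struct, the shortened enum names, the refcount rule and the 'live' flag that stands in for allocation are assumptions made for illustration. It counts accesses to a released context with and without clearing the stale pointer.

```c
#include <stdio.h>

/* Userspace model only: hypothetical names, not the kernel's code. */
enum replace_state { REPLACE_NONE, REPLACES_OTHER };

struct chanctx {
    int live;                          /* 1 = allocated, 0 = released */
    int refcount;
    enum replace_state replace_state;
};

static int stale_reads;                /* accesses to a released context */

static int ctx_refcount(const struct chanctx *c)
{
    if (!c->live)
        stale_reads++;                 /* a use-after-free on a real heap */
    return c->refcount;
}

/* Assumed behaviour: with REPLACE_NONE the old context is released here. */
static void assign(struct chanctx *old_ctx, struct chanctx *new_ctx)
{
    new_ctx->refcount++;
    if (--old_ctx->refcount == 0 && new_ctx->replace_state == REPLACE_NONE)
        old_ctx->live = 0;
}

/* Returns how many times a released context was touched after assign(). */
static int run_case(int hardened, enum replace_state state)
{
    struct chanctx old_store = { 1, 1, REPLACE_NONE };
    struct chanctx new_ctx = { 1, 0, state };
    struct chanctx *old_ctx = &old_store;

    stale_reads = 0;
    assign(old_ctx, &new_ctx);
    if (hardened && new_ctx.replace_state == REPLACE_NONE)
        old_ctx = NULL;                /* released: drop the dangling pointer */
    if (old_ctx)
        (void)ctx_refcount(old_ctx);   /* later bookkeeping consults old_ctx */
    return stale_reads;
}

int main(void)
{
    printf("unpatched, REPLACE_NONE: %d stale read(s)\n", run_case(0, REPLACE_NONE));
    printf("hardened,  REPLACE_NONE: %d stale read(s)\n", run_case(1, REPLACE_NONE));
    return 0;
}
```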

Impact

Exploitation of this vulnerability could lead to memory corruption, allowing for arbitrary code execution or causing a system crash.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 5.3
remediation: 0.0
relevance: 0.0
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.