Primary

Context

Linux Kernel iwifi Driver MLO Handling Vulnerability

Vulnerability

Patched

A vulnerability in the Linux kernel's iwifi driver related to Multi-Link Operation (MLO) has been addressed. The issue arose because the function 'iwl_mvm_max_amsdu_size()' incorrectly used the virtual interface's BSS configuration, which could lead to a null pointer dereference. In real MLO scenarios, it's crucial to consider both Logical MAC (LMAC) layers if active, as a station may operate on both simultaneously.

Impact

The vulnerability could cause a null pointer dereference, leading to a crash or undefined behavior in the kernel.

Added: Dec 24, 2025, 12:39 PM

Updated: Dec 24, 2025, 12:39 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

7.7

relevance

1.6

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

7.7

relevance

1.6

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel iwifi Driver MLO Handling Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating