Primary

Context

Linux Kernel mac80211 Channel Handling Vulnerability in Scan Request

Vulnerability

Patched

A vulnerability in the Linux kernel's mac80211 component has been addressed. The issue involved improper handling of the number of channels in the scan request process. Specifically, the number of channels was not correctly set after allocating the scan request structure, leading to an out-of-bounds array access. This vulnerability was identified using syzkaller, which reported a Undefined Behavior Sanitizer (UBSAN) error indicating that the index was out of range for the expected channel array type.

Impact

Exploitation of this vulnerability could lead to out-of-bounds memory access, potentially causing undefined behavior in the kernel.

Added: Jun 18, 2025, 12:26 PM

Updated: Jun 18, 2025, 12:26 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

7.7

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

7.7

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel mac80211 Channel Handling Vulnerability in Scan Request

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating