Primary

Context

Linux Kernel iwlwifi Component Use-After-Free Vulnerability via Error Code Mismanagement

Vulnerability

Patched

A use-after-free vulnerability has been identified in the Linux kernel's iwlwifi component. This issue arises because the function iwl_op_mode_dvm_start() improperly handles error codes. When iwl_setup_deferred_work() fails, the function returns a NULL pointer instead of the appropriate error code. This oversight can lead to a use-after-free situation involving debugfs.

Impact

Exploitation of this vulnerability causes a use-after-free condition, which can lead to memory corruption and potentially allow for arbitrary code execution.

Added: Aug 22, 2025, 4:47 PM

Updated: Aug 22, 2025, 4:47 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

7.7

relevance

0.4

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

7.7

relevance

0.4

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel iwlwifi Component Use-After-Free Vulnerability via Error Code Mismanagement

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating