Updated: 2025-11-03 11:18:11.013433
Description:
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix use-after-free in cmp_bss() Following bss_free() quirk introduced in commit 776b3580178f ("cfg80211: track hidden SSID networks properly"), adjust cfg80211_update_known_bss() to free the last beacon frame elements only if they're not shared via the corresponding 'hidden_beacon_bss' pointer.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | NONE | 0.0 |
| CVSS Version 3.x | HIGH | 7.0 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | kernel | 5.14.0 | 7.0 | HIGH | Released | CLSA-2026:1767864313 | 2026-01-08 16:54:46 | |
| CentOS 8.4 ELS | kernel | 4.18.0 | 7.0 | HIGH | Released | CLSA-2025:1763731262 | 2025-11-21 21:20:35 | |
| CentOS 8.5 ELS | kernel | 4.18.0 | 7.0 | HIGH | Released | CLSA-2025:1763734783 | 2025-11-21 21:20:36 | |
| CentOS Stream 8 ELS | kernel | 4.18.0 | 7.0 | HIGH | In Testing | CLSA-2025:1763722365 | 2025-12-08 17:57:37 | |
| Oracle Linux 7 ELS | kernel | 3.10.0 | 7.0 | HIGH | Needs Triage | 2025-12-16 16:46:29 | ||
| Oracle Linux 7 ELS | kernel-uek | 5.4.17 | 7.0 | HIGH | Needs Triage | 2025-11-19 19:14:22 | ||
| TuxCare 9.6 ESU | kernel | 5.14.0 | 7.0 | HIGH | Released | CLSA-2025:1766488019 | 2025-12-23 19:45:48 | |
| Ubuntu 20.04 ELS | linux | 5.4.0 | 7.0 | HIGH | Needs Triage | 2025-12-09 19:13:17 |