CVE-2025-71227— wifi: mac80211: don't WARN for connections on invalid channels
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-71227
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
wifi: mac80211: don't WARN for connections on invalid channels
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't WARN for connections on invalid channels It's not clear (to me) how exactly syzbot managed to hit this, but it seems conceivable that e.g. regulatory changed and has disabled a channel between scanning (channel is checked to be usable by cfg80211_get_ies_channel_number) and connecting on the channel later. With one scenario that isn't covered elsewhere described above, the warning isn't good, replace it with a (more informative) error message.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于在无效信道上连接时发出警告,可能导致不必要的系统警告。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2025-71227
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-71227
请登录查看更多情报信息。
Same Patch Batch · Linux · 2026-02-18 · 31 CVEs total
| CVE-2026-23230 | 8.8 HIGH | smb: client: split cached_fid bitfields to avoid shared-byte RMW races |
| CVE-2026-23226 | 8.8 HIGH | ksmbd: add chann_lock to protect ksmbd_chann_list xarray |
| CVE-2026-23227 | 7.8 HIGH | drm/exynos: vidi: use ctx->lock to protect struct vidi_context member variables related to |
| CVE-2026-23225 | 7.8 HIGH | sched/mmcid: Don't assume CID is CPU owned on mode switch |
| CVE-2026-23224 | 7.8 HIGH | erofs: fix UAF issue for file-backed mounts w/ directio option |
| CVE-2026-23222 | 7.8 HIGH | crypto: omap - Allocate OMAP_CRYPTO_FORCE_COPY scatterlists correctly |
| CVE-2025-71234 | wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxu_sta_add | |
| CVE-2026-23229 | crypto: virtio - Add spinlock protection with virtqueue notification | |
| CVE-2026-23228 | smb: server: fix leak of active_num_conn in ksmbd_tcp_new_connection() | |
| CVE-2026-23223 | xfs: fix UAF in xchk_btree_check_block_owner | |
| CVE-2026-23221 | bus: fsl-mc: fix use-after-free in driver_override_show() | |
| CVE-2026-23220 | ksmbd: fix infinite loop caused by next_smb2_rcv_hdr_off reset in error paths | |
| CVE-2025-71237 | nilfs2: Fix potential block overflow that cause system hang | |
| CVE-2025-71236 | scsi: qla2xxx: Validate sp before freeing associated memory | |
| CVE-2025-71235 | scsi: qla2xxx: Delay module unload while fabric scan in progress | |
| CVE-2026-23211 | mm, swap: restore swap_space attr aviod kernel panic | |
| CVE-2025-71233 | PCI: endpoint: Avoid creating sub-groups asynchronously | |
| CVE-2025-71232 | scsi: qla2xxx: Free sp in error path to fix system crash | |
| CVE-2025-71231 | crypto: iaa - Fix out-of-bounds index in find_empty_iaa_compression_mode | |
| CVE-2025-71230 | hfs: ensure sb->s_fs_info is always cleaned up |
Showing top 20 of 31 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: Linux
- CVE-2026-43500
rxrpc: Also unshare DATA/RESPONSE packets when paged frags a - CVE-2026-43475
scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT - CVE-2026-43474
fs: init flags_valid before calling vfs_fileattr_get - CVE-2026-43473
scsi: mpi3mr: Add NULL checks when resetting request and rep - CVE-2026-43472
unshare: fix unshare_fs() handling
Same vendor: Linux
- CVE-2026-43500
rxrpc: Also unshare DATA/RESPONSE packets when paged frags a - CVE-2026-43475
scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT - CVE-2026-43474
fs: init flags_valid before calling vfs_fileattr_get - CVE-2026-43473
scsi: mpi3mr: Add NULL checks when resetting request and rep - CVE-2026-43472
unshare: fix unshare_fs() handling
V. Comments for CVE-2025-71227
No comments yet