5.5

CVE-2025-38600

wifi: mt76: mt7925: fix off by one in mt7925_mcu_hw_scan()

In the Linux kernel, the following vulnerability has been resolved:

wifi: mt76: mt7925: fix off by one in mt7925_mcu_hw_scan()

The ssid->ssids[] and sreq->ssids[] arrays have MT7925_RNR_SCAN_MAX_BSSIDS
elements so this >= needs to be > to prevent an out of bounds access.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version6.16
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.12% 0.021
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-193 Off-by-one Error

A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.

https://git.kernel.org/stable/c/4d80d4fa986c5da99042b66bf30a028e7f564156
Patch
https://git.kernel.org/stable/c/b3a431fe2e399b2e0cc5f43f7e9d63d63d3710ee
Patch