CVE-2025-21910 Information

Apr 03, 2025 cve

Description

In the Linux kernel the following vulnerability has been resolved:

wifi: cfg80211: regulatory: improve invalid hints checking

Syzbot keeps reporting an issue [1] that occurs when erroneous symbols sent from userspace get through into user_alpha2[] via regulatory_hint_user() call. Such invalid regulatory hints should be rejected.

While a sanity check from commit 47caf685a685 (## Reference https://git.kernel.org/stable/c/17aa34c84867f6cd181a5743e1c647e7766962a6 https://git.kernel.org/stable/c/35ef07112b61b06eb30683a6563c9f6378c02476 https://git.kernel.org/stable/c/59b348be7597c4a9903cb003c69e37df20c04a30 https://git.kernel.org/stable/c/62b1a9bbfebba4b4c2bb6c1ede9ef7ecee7a9ff6 https://git.kernel.org/stable/c/6a5e3b23054cee3b92683d1467e3fa83921f5622 https://git.kernel.org/stable/c/be7c5f00aa7f1344293e4d48d0e12be83a2f223d https://git.kernel.org/stable/c/da3f599517ef2ea851208df3229d07728d238dc5 https://git.kernel.org/stable/c/f4112cb477c727a65787a4065a75ca593bb5b2f4

Share on: