CVE-2025-39952
BaseFortify
Publication date: 2025-10-04
Last updated on: 2025-10-06
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| microchip | wilc1000 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a buffer overflow issue in the Linux kernel's wifi driver for the wilc1000 device. Specifically, it occurs in the WID string configuration where a memcpy operation could overflow the buffer because the size of the copied data was not properly checked. The vulnerability was fixed by adding size checks based on the WID type and the length fields in the relevant data structures to prevent copying more data than the buffer can hold.
How can this vulnerability impact me? :
A buffer overflow vulnerability like this can potentially lead to memory corruption, which might be exploited to cause crashes, execute arbitrary code, or escalate privileges on the affected system. This could compromise the stability and security of the system running the vulnerable Linux kernel wifi driver.