CVE-2025-71224
Unknown Unknown - Not Provided
Use-After-Free in Linux mac80211 OCB RX Path Causes Warnings

Publication date: 2026-02-14

Last updated on: 2026-02-14

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: ocb: skip rx_no_sta when interface is not joined ieee80211_ocb_rx_no_sta() assumes a valid channel context, which is only present after JOIN_OCB. RX may run before JOIN_OCB is executed, in which case the OCB interface is not operational. Skip RX peer handling when the interface is not joined to avoid warnings in the RX path.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-14
Last Modified
2026-02-14
Generated
2026-06-16
AI Q&A
2026-02-14
EPSS Evaluated
2026-06-15
NVD
CVE-2025-71224
EUVD
EUVD-2025-206986
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's mac80211 wireless subsystem, specifically in the OCB (Outside the Context of a BSS) mode. The function ieee80211_ocb_rx_no_sta() assumes that a valid channel context is present, which only occurs after the interface has joined OCB mode (JOIN_OCB). However, the RX (receive) path may be executed before JOIN_OCB is completed, meaning the interface is not yet operational. This can lead to warnings or improper handling of received packets because the RX peer handling is done when the interface is not properly joined.

The fix involves skipping RX peer handling when the interface is not joined to avoid these warnings and potential issues in the RX path.

Impact Analysis

If this vulnerability is present, it can cause warnings or errors in the wireless receive path of the Linux kernel when the OCB interface is not properly joined. This may lead to instability or unexpected behavior in wireless communications using OCB mode.

However, there is no indication from the provided information that this vulnerability leads to privilege escalation, data leakage, or other direct security breaches.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-71224. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart