vulnerability

Red Hat: CVE-2025-21906: kernel: wifi: iwlwifi: mvm: clean up ROC on failure

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
2	(AV:L/AC:L/Au:S/C:N/I:N/A:P)	Apr 1, 2025	Jul 9, 2025	Jul 10, 2025

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:P)

Published

Apr 1, 2025

Added

Jul 9, 2025

Modified

Jul 10, 2025

Description

In the Linux kernel, the following vulnerability has been resolved:

wifi: iwlwifi: mvm: clean up ROC on failure

If the firmware fails to start the session protection, then we
do call iwl_mvm_roc_finished() here, but that won't do anything
at all because IWL_MVM_STATUS_ROC_P2P_RUNNING was never set.
Set IWL_MVM_STATUS_ROC_P2P_RUNNING in the failure/stop path.
If it started successfully before, it's already set, so that
doesn't matter, and if it didn't start it needs to be set to
clean up.

Not doing so will lead to a WARN_ON() later on a fresh remain-
on-channel, since the link is already active when activated as
it was never deactivated.

Solution

no-fix-redhat-rpm-package

References

NVD-CVE-2025-21906

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report