#VU122938 Resource management error in Linux kernel - CVE-2025-71224
Published: February 16, 2026
Vulnerability identifier: #VU122938
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-71224
CWE-ID: CWE-399
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ieee80211_ocb_rx_no_sta() function in net/mac80211/ocb.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's repository.
External links
- https://git.kernel.org/stable/c/536447521b3b9be1975c7f1db9054bdf2ab779cb
- https://git.kernel.org/stable/c/8fd1c63e016893b7f6c1cf799410da4eaa98c090
- https://git.kernel.org/stable/c/b04c75366a5471ae2dd7f4c33b7f1e2c08b9b32d
- https://git.kernel.org/stable/c/e0bd226804f8e0098711042c93d64f3b720b36c0
- https://git.kernel.org/stable/c/fcc768760df08337525cde28e8460e36f9855af8
- https://git.kernel.org/stable/c/ff4071c60018a668249dc6a2df7d16330543540e
- https://git.kernel.org/stable/c/ffe1e19c3b0e5b9eb9e04fad4bce7d1dc407fd77