{"uuid": "11b23435-4846-4afd-b3b6-42af4399affb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22119", "type": "seen", "source": "https://t.me/cvedetector/23120", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22119 - Linux Kernel: cfg80211 WiFi Wiphy Work Lock Uninitialized Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22119 \nPublished : April 16, 2025, 3:16 p.m. | 23\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nwifi: cfg80211: init wiphy_work before allocating rfkill fails  \n  \nsyzbort reported a uninitialize wiphy_work_lock in cfg80211_dev_free. [1]  \n  \nAfter rfkill allocation fails, the wiphy release process will be performed,  \nwhich will cause cfg80211_dev_free to access the uninitialized wiphy_work  \nrelated data.  \n  \nMove the initialization of wiphy_work to before rfkill initialization to  \navoid this issue.  \n  \n[1]  \nINFO: trying to register non-static key.  \nThe code is fine but needs lockdep annotation, or maybe  \nyou didn't initialize this object before use?  \nturning off the locking correctness validator.  \nCPU: 0 UID: 0 PID: 5935 Comm: syz-executor550 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0  \nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014  \nCall Trace:  \n   \n __dump_stack lib/dump_stack.c:94 [inline]  \n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120  \n assign_lock_key kernel/locking/lockdep.c:983 [inline]  \n register_lock_class+0xc39/0x1240 kernel/locking/lockdep.c:1297  \n __lock_acquire+0x135/0x3c40 kernel/locking/lockdep.c:5103  \n lock_acquire.part.0+0x11b/0x380 kernel/locking/lockdep.c:5851  \n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]  \n _raw_spin_lock_irqsave+0x3a/0x60 kernel/locking/spinlock.c:162  \n cfg80211_dev_free+0x30/0x3d0 net/wireless/core.c:1196  \n device_release+0xa1/0x240 drivers/base/core.c:2568  \n kobject_cleanup lib/kobject.c:689 [inline]  \n kobject_release lib/kobject.c:720 [inline]  \n kref_put include/linux/kref.h:65 [inline]  \n kobject_put+0x1e4/0x5a0 lib/kobject.c:737  \n put_device+0x1f/0x30 drivers/base/core.c:3774  \n wiphy_free net/wireless/core.c:1224 [inline]  \n wiphy_new_nm+0x1c1f/0x2160 net/wireless/core.c:562  \n ieee80211_alloc_hw_nm+0x1b7a/0x2260 net/mac80211/main.c:835  \n mac80211_hwsim_new_radio+0x1d6/0x54e0 drivers/net/wireless/virtual/mac80211_hwsim.c:5185  \n hwsim_new_radio_nl+0xb42/0x12b0 drivers/net/wireless/virtual/mac80211_hwsim.c:6242  \n genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115  \n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]  \n genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210  \n netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2533  \n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219  \n netlink_unicast_kernel net/netlink/af_netlink.c:1312 [inline]  \n netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1338  \n netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1882  \n sock_sendmsg_nosec net/socket.c:718 [inline]  \n __sock_sendmsg net/socket.c:733 [inline]  \n ____sys_sendmsg+0xaaf/0xc90 net/socket.c:2573  \n ___sys_sendmsg+0x135/0x1e0 net/socket.c:2627  \n __sys_sendmsg+0x16e/0x220 net/socket.c:2659  \n do_syscall_x64 arch/x86/entry/common.c:52 [inline]  \n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83  \n  \nClose:  \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-16T17:43:44.000000Z"}