CVE-2025-40066

  • Published: 1761653741
  • Last modified: 1761653741

CVE-2025-40066 — In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Check phy before init msta_link in mt7996_mac_sta_add_links() In order to avoid a possible NULL pointer dereference in mt7996_mac_sta_init_link routine, move the phy pointer check before running mt7996_mac_sta_init_link() in mt7996_mac_sta_add_links routine.

Related CVE by CWE

No closely related CVE found.

Risk snapshot

EPSS: n/a   |   KEV: not listed

Related CVE by CWE

No related CWE found.

Top CVE for Vendor

No vendor taxonomy on this entry.

Recently Exploited Similar Vulnerabilities

No recent KEV-listed items for this vendor/product.

In the Linux kernel, the following vulnerability has been resolved:

wifi: mt76: mt7996: Check phy before init msta_link in mt7996_mac_sta_add_links()

In order to avoid a possible NULL pointer dereference in
mt7996_mac_sta_init_link routine, move the phy pointer check before
running mt7996_mac_sta_init_link() in mt7996_mac_sta_add_links routine.

🧠 Explainer: What this vulnerability means

Summary: The issue in the product by the vendor (CWE: unspecified) may enable attacks.

Impact: Attackers could gain unauthorized access, execute code, or disrupt services.

Mitigation: Upgrade immediately to the remediated release and follow vendor hardening guidance.

No vendor/product data yet.

No explicit mitigation/advisory links found in references.