CVE-2025-71224

N/A Unknown

📋 TL;DR

This CVE addresses a race condition in the Linux kernel's OCB (Outside the Context of a BSS) WiFi mode implementation where the ieee80211_ocb_rx_no_sta() function could be called before the interface is properly joined. This affects Linux systems using OCB mode for WiFi communications, potentially causing kernel warnings or instability.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not specified in CVE, but patches exist in stable kernel trees
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only affects systems with OCB (Outside the Context of a BSS) WiFi mode enabled and configured. Most systems don't use OCB mode by default.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).


Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case: Kernel panic or system crash leading to denial of service on affected systems using OCB WiFi mode.

🟠 Likely Case: Kernel warning messages in system logs and potential packet loss or connectivity issues for OCB WiFi interfaces.

🟢 If Mitigated: Minor performance impact or warning messages that don't affect system stability.

🌐 Internet-Facing: LOW - Requires local network access and specific OCB mode configuration.
🏢 Internal Only: LOW - Requires privileged access to configure OCB mode and trigger the race condition.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires ability to configure OCB WiFi mode and trigger the race condition between RX processing and JOIN_OCB operations.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patches available in stable kernel trees (commits referenced in CVE)

Vendor Advisory: https://git.kernel.org/stable/c/536447521b3b9be1975c7f1db9054bdf2ab779cb

Restart Required: Yes

Instructions:

  1. Update Linux kernel to version containing the fix.
  2. Check with your distribution vendor for specific patched kernel versions.
  3. Reboot system after kernel update.

🔧 Temporary Workarounds

Disable OCB WiFi mode

Disable OCB (Outside the Context of a BSS) mode if not required for your use case

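# Check if OCB is enabled
iw list | grep -i ocb
# Disable OCB mode configuration: have the interface leave OCB mode
# (<ifname> is a placeholder for your wireless interface name)
iw dev <ifname> ocb leave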

🧯 If You Can't Patch

  • Disable OCB WiFi mode entirely if not needed
  • Monitor system logs for kernel warnings related to OCB or mac80211

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if OCB mode is enabled: 'uname -r' and 'iw list | grep -i ocb'

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version contains the fix commits or check that OCB mode warnings no longer appear in system logs

📡 Detection & Monitoring

Log Indicators:

  • Kernel warnings mentioning 'ieee80211_ocb_rx_no_sta'
  • mac80211 or OCB related warnings in dmesg

Network Indicators:

  • Unusual WiFi connectivity issues on OCB interfaces

SIEM Query:

source="kernel" AND ("ieee80211_ocb_rx_no_sta" OR "mac80211" OR "OCB")
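
The query above also matches any routine line containing "mac80211" or "OCB". A narrower check, added here as an example (not from the CVE record or the kernel tree), counts only kernel WARNING blocks whose trace names ieee80211_ocb_rx_no_sta. The sample log is constructed, and its source location, offsets and the function name some_other_mac80211_path are placeholders.

```shell
#!/bin/sh
# Count kernel WARNING blocks whose trace names ieee80211_ocb_rx_no_sta.
# Reads kernel log text on stdin, for example:
#   dmesg | count_ocb_rx_warnings
#   journalctl -k | count_ocb_rx_warnings
count_ocb_rx_warnings() {
    awk '
        # A new block opens; close out an unterminated previous one first.
        /\[ cut here \]/ { if (in_blk && hit) n++; in_blk = 1; hit = 0; next }
        in_blk && /ieee80211_ocb_rx_no_sta/ { hit = 1 }
        in_blk && /\[ end trace/ { if (hit) n++; in_blk = 0; hit = 0 }
        # A log truncated mid-block still counts if the symbol was seen.
        END { if (in_blk && hit) n++; print n + 0 }
    '
}

# Constructed sample log (not captured from a real system).
sample_log() {
    cat <<'EOF'
[  101.000001] wlan0: OCB interface configured
[  101.200000] ------------[ cut here ]------------
[  101.200010] WARNING: CPU: 1 PID: 0 at <source-location-placeholder>
[  101.200020] Call Trace:
[  101.200030]  ieee80211_ocb_rx_no_sta+0x00/0x00 [mac80211]
[  101.200040] ---[ end trace 0000000000000000 ]---
[  205.500000] ------------[ cut here ]------------
[  205.500010] WARNING: CPU: 0 PID: 42 at <source-location-placeholder>
[  205.500020] Call Trace:
[  205.500030]  some_other_mac80211_path+0x00/0x00 [mac80211]
[  205.500040] ---[ end trace 0000000000000000 ]---
EOF
}

# Only the first block matches; the plain "OCB" line and the unrelated
# mac80211 warning are ignored.
sample_log | count_ocb_rx_warnings
```

A non-zero count on a host that uses OCB mode is the signal to confirm the running kernel carries the fix commit.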
