CVE-2025-37973

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation<br /> <br /> Currently during the multi-link element defragmentation process, the<br /> multi-link element length added to the total IEs length when calculating<br /> the length of remaining IEs after the multi-link element in<br /> cfg80211_defrag_mle(). This could lead to out-of-bounds access if the<br /> multi-link element or its corresponding fragment elements are the last<br /> elements in the IEs buffer.<br /> <br /> To address this issue, correctly calculate the remaining IEs length by<br /> deducting the multi-link element end offset from total IEs end offset.