Linux Kernel: mac80211 WARN on invalid WiFi channel connections
CVE-2025-71227 Published on February 18, 2026
wifi: mac80211: don't WARN for connections on invalid channels
In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80211: don't WARN for connections on invalid channels
It's not clear (to me) how exactly syzbot managed to hit this,
but it seems conceivable that e.g. regulatory changed and has
disabled a channel between scanning (channel is checked to be
usable by cfg80211_get_ies_channel_number) and connecting on
the channel later.
With one scenario that isn't covered elsewhere described above,
the warning isn't good, replace it with a (more informative)
error message.
Products Associated with CVE-2025-71227
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2025-71227 are published in Linux Kernel:
Affected Versions
Linux:- Version f2d9d270c15ae0139b54a7e7466d738327e97e03 and below 10d3ff7e5812c8d70300f6fa8f524009a06aa7e1 is affected.
- Version f2d9d270c15ae0139b54a7e7466d738327e97e03 and below 99067b58a408a384d2a45c105eb3dce980a862ce is affected.
- Version 3.8 is affected.
- Before 3.8 is unaffected.
- Version 6.18.10, <= 6.18.* is unaffected.
- Version 6.19, <= * is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.