CVE-2025-38157 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k_htc: Abort software beacon handling if disabled A malicious USB device can send a WMI_SWBA_EVENTID event from an ath9k_htc-managed device before beaconing has been enabled. This causes a device-by-zero error in the driver, leading to either a crash or an out of bounds read. Prevent this by aborting the handling in ath9k_htc_swba() if beacons are not enabled.

Reserved 2025-04-16 | Published 2025-07-03 | Updated 2025-07-03 | Assigner Linux

Product status

Default status

unaffected

832f6a18fc2aead14954c081ece03b7a5b425f81 before e5ce9df1d68094d37360dbd9b09289d42fa21e54

affected

832f6a18fc2aead14954c081ece03b7a5b425f81 before 0281c19074976ec48f0078d50530b406ddae75bc

affected

832f6a18fc2aead14954c081ece03b7a5b425f81 before 7ee3fb6258da8c890a51b514f60d7570dc703605

affected

832f6a18fc2aead14954c081ece03b7a5b425f81 before 40471b23147c86ea3ed97faee79937c618250bd0

affected

832f6a18fc2aead14954c081ece03b7a5b425f81 before 5482ef9875eaa43f0435e14570e1193823de857e

affected

832f6a18fc2aead14954c081ece03b7a5b425f81 before ee5ee646385f5846dcbc881389f3c44a197c402a

affected

832f6a18fc2aead14954c081ece03b7a5b425f81 before 5a85c21f812e02cb00ca07007d88acdd42d08c46

affected

832f6a18fc2aead14954c081ece03b7a5b425f81 before ac4e317a95a1092b5da5b9918b7118759342641c

affected

Default status

affected

3.0

affected

Any version before 3.0

unaffected

5.4.295

unaffected

5.10.239

unaffected

5.15.186

unaffected

6.1.142

unaffected

6.6.94

unaffected

6.12.34

unaffected

6.15.3

unaffected

6.16-rc1

unaffected

References

git.kernel.org/...c/e5ce9df1d68094d37360dbd9b09289d42fa21e54

git.kernel.org/...c/0281c19074976ec48f0078d50530b406ddae75bc

git.kernel.org/...c/7ee3fb6258da8c890a51b514f60d7570dc703605

git.kernel.org/...c/40471b23147c86ea3ed97faee79937c618250bd0

git.kernel.org/...c/5482ef9875eaa43f0435e14570e1193823de857e

git.kernel.org/...c/ee5ee646385f5846dcbc881389f3c44a197c402a

git.kernel.org/...c/5a85c21f812e02cb00ca07007d88acdd42d08c46

git.kernel.org/...c/ac4e317a95a1092b5da5b9918b7118759342641c

cve.org (CVE-2025-38157)

nvd.nist.gov (CVE-2025-38157)

Download JSON