CVE-2025-38157
Published: Jul 3, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k_htc: Abort software beacon handling if disabled A malicious USB device can send a WMI_SWBA_EVENTID event from an ath9k_htc-managed device before beaconing has been enabled. This causes a device-by-zero error in the driver, leading to either a crash or an out of bounds read. Prevent this by aborting the handling in ath9k_htc_swba() if beacons are not enabled.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 832f6a18fc2aead14954c081ece03b7a5b425f81 - < e5ce9df1d68094d37360dbd9b09289d42fa21e54affected 832f6a18fc2aead14954c081ece03b7a5b425f81 - < 0281c19074976ec48f0078d50530b406ddae75bcaffected 832f6a18fc2aead14954c081ece03b7a5b425f81 - < 7ee3fb6258da8c890a51b514f60d7570dc703605affected 832f6a18fc2aead14954c081ece03b7a5b425f81 - < 40471b23147c86ea3ed97faee79937c618250bd0affected 832f6a18fc2aead14954c081ece03b7a5b425f81 - < 5482ef9875eaa43f0435e14570e1193823de857e+3 more versions |
Linux | Linux | affected 3.0unaffected 0 - < 3.0unaffected 5.4.295 - <= 5.4.*unaffected 5.10.239 - <= 5.10.*unaffected 5.15.186 - <= 5.15.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now