CVE-2025-38656

Published: Aug 22, 2025

Modified: May 23, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() Preserve the error code if iwl_setup_deferred_work() fails. The current code returns ERR_PTR(0) (which is NULL) on this path. I believe the missing error code potentially leads to a use after free involving debugfs.

Vendor	Product	Versions
Linux	Linux	affected `c0e43c3f6c0a79381b468574c241065998412b7c - < 991e2066f6009d3cb898413058c62dbcc92bd6d2` affected `70a1b527eaea9430b1bd87de59f3b9f6bd225701 - < 1d068272c21d886d06526454b68368100ba0a720` affected `90a0d9f339960448a3acc1437a46730f975efd6a - < cf80c02a9fdb6c5bc8508beb6a0f6a1294fc32f6` affected `c80832d445653baba5ac80cd2c2637c437ac881b` affected `b398120fbe0acfef60b16f6a0f69902d385d7728` +10 more versions
Linux	Linux	All versions

References

https://git.kernel.org/stable/c/991e2066f6009d3cb898413058c62dbcc92bd6d2

https://git.kernel.org/stable/c/1d068272c21d886d06526454b68368100ba0a720

https://git.kernel.org/stable/c/cf80c02a9fdb6c5bc8508beb6a0f6a1294fc32f6

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-38656

Description

Affected Products

References