CVE-2025-38292

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-38292
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38292.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-38292
Downstream
Related
Published
2025-07-10T07:42:07.506Z
Modified
2025-11-27T19:35:20.907082Z
Summary
wifi: ath12k: fix invalid access to memory
Details

In the Linux kernel, the following vulnerability has been resolved:

wifi: ath12k: fix invalid access to memory

In ath12kdprxmsducoalesce(), rxcb is fetched from skb and boolean iscontinuation is part of rxcb. Currently, after freeing the skb, the rxcb->iscontinuation accessed again which is wrong since the memory is already freed. This might lead use-after-free error.

Hence, fix by locally defining bool iscontinuation from rxcb, so that after freeing skb, iscontinuation can be used.

Compile tested only.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/blob/ee626f5d79d5817bb21d6f048dc0da4c4e383443/cves/2025/38xxx/CVE-2025-38292.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
d889913205cf7ebda905b1e62c5867ed4e39f6c2
Fixed
371b340affa52f280f6eadfd25fbd43f09f0d5c0
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
d889913205cf7ebda905b1e62c5867ed4e39f6c2
Fixed
5f09d16cd57764c95c8548fe5b70672c9ac01127
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
d889913205cf7ebda905b1e62c5867ed4e39f6c2
Fixed
9f17747fbda6fca934854463873c4abf8061491d

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.3.0
Fixed
6.12.34
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.15.3