CVE-2025-38292
- Source
- https://cve.org/CVERecord?id=CVE-2025-38292
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38292.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-38292
- Downstream
- Related
- Published
- 2025-07-10T07:42:07.506Z
- Modified
- 2026-03-12T02:19:39.512279Z
- Summary
- wifi: ath12k: fix invalid access to memory
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
wifi: ath12k: fix invalid access to memory
In ath12kdprxmsducoalesce(), rxcb is fetched from skb and boolean iscontinuation is part of rxcb. Currently, after freeing the skb, the rxcb->iscontinuation accessed again which is wrong since the memory is already freed. This might lead use-after-free error.
Hence, fix by locally defining bool iscontinuation from rxcb, so that after freeing skb, iscontinuation can be used.
Compile tested only.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38292.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/371b340affa52f280f6eadfd25fbd43f09f0d5c0
- https://git.kernel.org/stable/c/5f09d16cd57764c95c8548fe5b70672c9ac01127
- https://git.kernel.org/stable/c/9f17747fbda6fca934854463873c4abf8061491d
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38292.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-38292