CVE-2025-38644

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-38644

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38644.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-38644

Downstream

BELL-CVE-2025-38644

DEBIAN-CVE-2025-38644

DLA-4328-1

ECHO-1abe-51d3-9899

ROOT-OS-DEBIAN-11-CVE-2025-38644

ROOT-OS-DEBIAN-12-CVE-2025-38644

ROOT-OS-DEBIAN-13-CVE-2025-38644

ROOT-OS-UBUNTU-2204-CVE-2025-38644

ROOT-OS-UBUNTU-2404-CVE-2025-38644

SUSE-SU-2025:03204-1

SUSE-SU-2025:03272-1

SUSE-SU-2025:03283-1

SUSE-SU-2025:03290-1

SUSE-SU-2025:03301-1

SUSE-SU-2025:03310-1

SUSE-SU-2025:03314-1

SUSE-SU-2025:03344-1

SUSE-SU-2025:03382-1

SUSE-SU-2025:03383-1

SUSE-SU-2025:03384-1

SUSE-SU-2025:03602-1

SUSE-SU-2025:03633-1

SUSE-SU-2025:03634-1

SUSE-SU-2025:03636-1

SUSE-SU-2025:03638-1

SUSE-SU-2025:03646-1

SUSE-SU-2025:03650-1

SUSE-SU-2025:03652-1

SUSE-SU-2025:03653-1

SUSE-SU-2025:03656-1

SUSE-SU-2025:03662-1

SUSE-SU-2025:03663-1

SUSE-SU-2025:03664-1

SUSE-SU-2025:03666-1

SUSE-SU-2025:03671-1

SUSE-SU-2025:03672-1

SUSE-SU-2025:20653-1

SUSE-SU-2025:20669-1

SUSE-SU-2025:20739-1

SUSE-SU-2025:20756-1

SUSE-SU-2025:20873-1

SUSE-SU-2025:20874-1

SUSE-SU-2025:20875-1

SUSE-SU-2025:20876-1

SUSE-SU-2025:20877-1

SUSE-SU-2025:20878-1

SUSE-SU-2025:20879-1

SUSE-SU-2025:20881-1

SUSE-SU-2025:20882-1

SUSE-SU-2025:20883-1

SUSE-SU-2025:20884-1

SUSE-SU-2025:20885-1

SUSE-SU-2025:20886-1

SUSE-SU-2025:20887-1

SUSE-SU-2025:20888-1

SUSE-SU-2025:20890-1

SUSE-SU-2025:20891-1

SUSE-SU-2025:20902-1

SUSE-SU-2025:20903-1

SUSE-SU-2025:20904-1

SUSE-SU-2025:20905-1

SUSE-SU-2025:20906-1

SUSE-SU-2025:20907-1

SUSE-SU-2025:20909-1

SUSE-SU-2025:20912-1

SUSE-SU-2025:20913-1

SUSE-SU-2025:20914-1

SUSE-SU-2025:20915-1

SUSE-SU-2025:20916-1

SUSE-SU-2025:20917-1

SUSE-SU-2025:20918-1

SUSE-SU-2025:20920-1

SUSE-SU-2025:21074-1

SUSE-SU-2025:21139-1

SUSE-SU-2025:21179-1

SUSE-SU-2025:3675-1

SUSE-SU-2025:3679-1

SUSE-SU-2025:3683-1

SUSE-SU-2025:3703-1

SUSE-SU-2025:3704-1

SUSE-SU-2025:3705-1

SUSE-SU-2025:3712-1

SUSE-SU-2025:3717-1

SUSE-SU-2025:3720-1

SUSE-SU-2025:3721-1

SUSE-SU-2025:3731-1

SUSE-SU-2025:3733-1

SUSE-SU-2025:3734-1

SUSE-SU-2025:3736-1

SUSE-SU-2025:3740-1

SUSE-SU-2025:3742-1

SUSE-SU-2025:3748-1

SUSE-SU-2025:3755-1

SUSE-SU-2025:3762-1

SUSE-SU-2025:3764-1

SUSE-SU-2025:3765-1

SUSE-SU-2025:3768-1

SUSE-SU-2025:3771-1

SUSE-SU-2025:3772-1

SUSE-SU-2025:4123-1

openSUSE-SU-2025:20081-1

Related

Published

2025-08-22T16:00:49.899Z

Modified

2026-03-20T12:42:57.534091Z

Summary

wifi: mac80211: reject TDLS operations when station is not associated

Details

In the Linux kernel, the following vulnerability has been resolved:

wifi: mac80211: reject TDLS operations when station is not associated

syzbot triggered a WARN in ieee80211tdlsoper() by sending NL80211TDLSENABLELINK immediately after NL80211CMD_CONNECT, before association completed and without prior TDLS setup.

This left internal state like sdata->u.mgd.tdlspeer uninitialized, leading to a WARNON() in code paths that assumed it was valid.

Reject the operation early if not in station mode or not associated.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38644.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

81dd2b8822410e56048b927be779d95a2b6dc186

Fixed

0c84204cf0bbe89e454a5caccc6a908bc7db1542

Fixed

378ae9ccaea3f445838a087962a067b5cb2e8577

Fixed

af72badd5ee423eb16f6ad7fe0a62f1b4252d848

Fixed

4df663d4c1ca386dcab2f743dfc9f0cc07aef73c

Fixed

31af06b574394530f68a4310c45ecbe2f68853c4

Fixed

16ecdab5446f15a61ec88eb0d23d25d009821db0

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38644.json"