
CVE-2025-38157

In the Linux kernel, the following vulnerability has been resolved:

wifi: ath9k_htc: Abort software beacon handling if disabled

A malicious USB device can send a WMI_SWBA_EVENTID event from an
ath9k_htc-managed device before beaconing has been enabled. This causes
a divide-by-zero error in the driver, leading to either a crash or an
out-of-bounds read.

Prevent this by aborting the handling in ath9k_htc_swba() if beacons are
not enabled.

Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).

Vendor: Linux
Product: Linux
Default status: unaffected

| Range bound | Version | Status |
|---|---|---|
| < e5ce9df1d68094d37360dbd9b09289d42fa21e54 | 832f6a18fc2aead14954c081ece03b7a5b425f81 | affected |
| < 0281c19074976ec48f0078d50530b406ddae75bc | 832f6a18fc2aead14954c081ece03b7a5b425f81 | affected |
| < 7ee3fb6258da8c890a51b514f60d7570dc703605 | 832f6a18fc2aead14954c081ece03b7a5b425f81 | affected |
| < 40471b23147c86ea3ed97faee79937c618250bd0 | 832f6a18fc2aead14954c081ece03b7a5b425f81 | affected |
| < 5482ef9875eaa43f0435e14570e1193823de857e | 832f6a18fc2aead14954c081ece03b7a5b425f81 | affected |
| < ee5ee646385f5846dcbc881389f3c44a197c402a | 832f6a18fc2aead14954c081ece03b7a5b425f81 | affected |
| < 5a85c21f812e02cb00ca07007d88acdd42d08c46 | 832f6a18fc2aead14954c081ece03b7a5b425f81 | affected |
| < ac4e317a95a1092b5da5b9918b7118759342641c | 832f6a18fc2aead14954c081ece03b7a5b425f81 | affected |

Vendor: Linux
Product: Linux
Default status: affected

| Range bound | Version | Status |
|---|---|---|
| | 3.0 | affected |
| < 3.0 | 0 | unaffected |
| <= 5.4.* | 5.4.295 | unaffected |
| <= 5.10.* | 5.10.239 | unaffected |
| <= 5.15.* | 5.15.186 | unaffected |
| <= 6.1.* | 6.1.142 | unaffected |
| <= 6.6.* | 6.6.94 | unaffected |
| <= 6.12.* | 6.12.34 | unaffected |
| <= 6.15.* | 6.15.3 | unaffected |
| <= * | 6.16 | unaffected |

No CISA KEV or CERT.AT warning was found for this CVE.

EPSS Metrics

| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.097 |

CVSS Metrics

| Source | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|