7.8

CVE-2025-38656

wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()

In the Linux kernel, the following vulnerability has been resolved:

wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()

Preserve the error code if iwl_setup_deferred_work() fails.  The current
code returns ERR_PTR(0) (which is NULL) on this path.  I believe the
missing error code potentially leads to a use after free involving
debugfs.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.4.297 < 5.5
LinuxLinux Kernel Version >= 5.10.241 < 5.11
LinuxLinux Kernel Version >= 5.15.190 < 5.16
LinuxLinux Kernel Version >= 6.1.148 < 6.2
LinuxLinux Kernel Version >= 6.6.102 < 6.7
LinuxLinux Kernel Version >= 6.12.42 < 6.13
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.044
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://git.kernel.org/stable/c/991e2066f6009d3cb898413058c62dbcc92bd6d2
Patch
https://git.kernel.org/stable/c/1d068272c21d886d06526454b68368100ba0a720
Patch
https://git.kernel.org/stable/c/cf80c02a9fdb6c5bc8508beb6a0f6a1294fc32f6
Patch