Buffer Size Vulnerability in Linux Kernel Affects Wi-Fi Functionality
CVE-2025-38159
What is CVE-2025-38159?
A vulnerability in the Linux kernel related to the handling of a 'para' buffer has been discovered. The issue arises from an insufficient buffer size specified for the 'para' array, which is passed to the function 'rtw_fw_bt_wifi_control'. The current implementation sets the buffer size to 2, allowing for the potential reading of out-of-bounds memory when accessing buffer indices. This can lead to unexpected behavior or security issues. Proper allocation of the buffer's size to accommodate the necessary data is essential for maintaining system integrity and security. The vulnerability was identified using the static analysis tool, Svace.
Affected Version(s)
Linux 4136214f7c46839c15f0f177fe1d5052302c0205 < 1ee8ea6937d13b20f90ff35d71ccc03ba448182d
Linux 4136214f7c46839c15f0f177fe1d5052302c0205 < 68a1037f0bac4de9a585aa9c879ef886109f3647
Linux 4136214f7c46839c15f0f177fe1d5052302c0205 < 74e18211c2c89ab66c9546baa7408288db61aa0d