Linux Kernel Vulnerability in ath6kl WiFi Driver
CVE-2025-38406

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 25 July 2025

What is CVE-2025-38406?

A vulnerability exists in the Linux kernel's ath6kl WiFi driver that fails to handle improper firmware inputs appropriately. This issue arises when faulty firmware sends bad information to the driver. The previous implementation issued a warning when encountering such inputs, which did not contribute value or aid in identifying the problem source. The current fix addresses this by replacing the warning with a simpler message and providing additional context about the input sizes, improving diagnostic capabilities and enhancing system reliability.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 7a2afdc5af3b82b601f6a2f0d1c90d5f0bc27aeb

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 46b47d4b06fa7f234d93f0f8ac43798feafcff89

References

https://git.kernel.org/stable/c/7a2afdc5af3b82b601f6a2f0d...

https://git.kernel.org/stable/c/e6c49f0b203a987c306676d24...

https://git.kernel.org/stable/c/46b47d4b06fa7f234d93f0f8a...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 25, 2025
Vulnerability Reserved
Apr 16, 2025