Kernel Vulnerability in Linux Affecting WCN7850 Devices
CVE-2025-38414

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 25 July 2025

What is CVE-2025-38414?

A specific vulnerability exists in the Linux kernel that relates to the WCN7850 device, affecting its handling of the GCC_GCC_PCIE_HOT_RST definition. This misconfiguration can lead to kernel crashes on certain platforms when utilizing this particular hardware. The divergence in register definitions between WCN7850 and QCN9274 necessitated a revision of the register table, allowing for precise addresses and improved operation of the WCN7850. Devices not based on PCIe, such as the IPQ5332, are unaffected by this issue.

Affected Version(s)

Linux d889913205cf7ebda905b1e62c5867ed4e39f6c2 < 569972c5bdb839b0eaf8aba6ce76ea0b78e2acf8

Linux d889913205cf7ebda905b1e62c5867ed4e39f6c2

Linux d889913205cf7ebda905b1e62c5867ed4e39f6c2 < 7588a893cde5385ad308400ff167d29a29913b3a

References

https://git.kernel.org/stable/c/569972c5bdb839b0eaf8aba6c...

https://git.kernel.org/stable/c/d71ac5694b33c80f1de97d074...

https://git.kernel.org/stable/c/7588a893cde5385ad308400ff...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 25, 2025
Vulnerability Reserved
Apr 16, 2025