Null Pointer Dereference in Linux Kernel Affecting Wireless Connectivity
CVE-2025-38450

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 25 July 2025

What is CVE-2025-38450?

A vulnerability in the Linux kernel's wireless driver (mt76) can lead to a null pointer dereference, causing a kernel panic when the AP mode is utilized. This issue arises in the function mt7925_sta_set_decap_offload() when a station is not fully initialized prior to executing the function. The panic results from attempts to access resources from a NULL pointer, specifically msta->vif, which is not valid at the time. Implementing an early return condition ensures that the function only processes when the station's state is properly set up, thereby enhancing stability and reliability in wireless communication.

Affected Version(s)

Linux b859ad65309a5f1654e8b284de582831fc88e2d8 < 9b50874f297fcc62adc7396f35209878e51010b0

Linux b859ad65309a5f1654e8b284de582831fc88e2d8 < 91c3dec2453b3742e8f666957b99945edc30577f

Linux b859ad65309a5f1654e8b284de582831fc88e2d8 < 35ad47c0b3da04b00b19a8b9ed5632e2f2520472

References

https://git.kernel.org/stable/c/9b50874f297fcc62adc7396f3...

https://git.kernel.org/stable/c/91c3dec2453b3742e8f666957...

https://git.kernel.org/stable/c/35ad47c0b3da04b00b19a8b9e...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 25, 2025
Vulnerability Reserved
Apr 16, 2025