Mutex Locking Vulnerability in the Linux Kernel Affecting Wireless Communication
CVE-2025-38643

Currently unrated

Key Information:

Vendor: Linux

CVE Published: 22 August 2025

What is CVE-2025-38643?

A concurrency-related vulnerability exists in the Linux kernel's cfg80211 subsystem. The function cfg80211_check_and_end_cac() does not ensure that the required mutex is held before it calls wdev_chandef(). As a result, the worker cfg80211_propagate_cac_done_wk() may run without holding the required lock, which can lead to race conditions, inconsistent behavior, and warning messages when certain tests are run. The issue shows why wireless code paths need correct locking on every caller, including deferred work.


Affected Version(s)

Linux 26ec17a1dc5ecdd8d91aba63ead6f8b5ad5dea0d

Linux 26ec17a1dc5ecdd8d91aba63ead6f8b5ad5dea0d < 4a63523d3541eef4cf504a9682e6fbe94ffe79a6

Linux 26ec17a1dc5ecdd8d91aba63ead6f8b5ad5dea0d < 7022df2248c08c6f75a01714163ac902333bf3db

Timeline

  • Vulnerability published

  • Vulnerability Reserved
