Exploit in Realtek RTW89 Driver for Linux Kernel
CVE-2025-38647

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 22 August 2025

What is CVE-2025-38647?

A vulnerability in the Realtek RTW89 driver during its initialization phase leads to a lockdep assertion failure. The rtw89_set_sar_from_acpi function triggers an assertion related to wiphy lock management when the driver starts up. This issue has been resolved by eliminating the unnecessary lock assertion, enhancing the driver's stability and performance. Users are encouraged to update to the latest kernel version to mitigate the risks associated with this vulnerability.

Affected Version(s)

Linux 88ca3107d2ce06448018e0571f7c0f1b40f57b55

Linux 88ca3107d2ce06448018e0571f7c0f1b40f57b55 < 6fe21445f7e801de5527d420f8e25e97b0cdd7e2

Linux 6.16

References

https://git.kernel.org/stable/c/f7ac6df92eee0301514760780...

https://git.kernel.org/stable/c/6fe21445f7e801de5527d420f...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 22, 2025
Vulnerability Reserved
Apr 16, 2025