Peer Lookup Issue in Linux Kernel WiFi Component by Atheros
CVE-2025-40131

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 12 November 2025

What is CVE-2025-40131?

A vulnerability in the ath12k component of the Linux kernel arises from an incorrect peer lookup mechanism during monitor mode. Specifically, the rxcb->peer_id is not updated with a valid identifier, leading to failures in retrieving peer metadata when data frames are processed. This may trigger warning messages in mac80211 as it encounters associated stations with invalid link identifiers. A patch has been implemented to utilize ppduinfo->peer_id, ensuring correct peer identification and proper update of link metadata.

Affected Version(s)

Linux bd00cc7e8a4c1048d14c9a9e9790c582119785fb

Linux bd00cc7e8a4c1048d14c9a9e9790c582119785fb < 7ca61ed8b3f3fc9a7decd68039cb1d7d1238c566

Linux 124bd8cea02395a1a140f1dcc5e57c65cdd428af

References

https://git.kernel.org/stable/c/da64eb2da76ce5626238a951f...

https://git.kernel.org/stable/c/7ca61ed8b3f3fc9a7decd6803...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 12, 2025
Vulnerability Reserved
Apr 16, 2025

JSON