CVE-2025-23129

MEDIUM EPSS 4.9%
Published Apr 16, 20251y ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Apr 16, 2025 1y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path If a shared IRQ is used by the driver due to platform limitation, then the IRQ affinity hint is set right after the allocation of IRQ vectors in ath11k_pci_alloc_msi(). This does no harm unless one of the functions requesting the IRQ fails and attempt to free the IRQ. This results in the below warning: WARNING: CPU: 7 PID: 349 at kernel/irq/manage.c:1929 free_irq+0x278/0x29c Call trace: free_irq+0x278/0x29c ath11k_pcic_free_irq+0x70/0x10c [ath11k] ath11k_pci_probe+0x800/0x820 [ath11k_pci] local_pci_probe+0x40/0xbc The warning is due to not clearing the affinity hint before freeing the IRQs. So to fix this issue, clear the IRQ affinity hint before calling ath11k_pcic_free_irq() in the error path. The affinity will be cleared once again further down the error path due to code organization, but that does no harm. Tested-on: QCA6390 hw2.0 PCI WLAN.HST.1.0.1-05266-QCAHSTSWPLZ_V2_TO_X86-1

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
4.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 3

VendorProductVersionRange
linuxlinux_kernel*≥6.1.63  –  <6.2
linuxlinux_kernel*≥6.5.12  –  <6.6
linuxlinux_kernel*≥6.6.2  –  <6.14.2

References 3

  • git.kernel.org https://git.kernel.org/stable/c/3fc42cfcc6e336f25dee79b34e57c4a63cd652a5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/68410c5bd381a81bcc92b808e7dc4e6b9ed25d11
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/80dc5a2ce5b75d648e08549617f5c555d07ae43c

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/3fc42cfcc6e336f25dee79b34e57c4a63cd652a5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/68410c5bd381a81bcc92b808e7dc4e6b9ed25d11
    Patch