CVE-2025-38644

MEDIUM EPSS 4.3%
Published Aug 22, 202510mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Aug 22, 2025 10mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: reject TDLS operations when station is not associated syzbot triggered a WARN in ieee80211_tdls_oper() by sending NL80211_TDLS_ENABLE_LINK immediately after NL80211_CMD_CONNECT, before association completed and without prior TDLS setup. This left internal state like sdata->u.mgd.tdls_peer uninitialized, leading to a WARN_ON() in code paths that assumed it was valid. Reject the operation early if not in station mode or not associated.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
4.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-908

Affected Products 6

VendorProductVersionRange
linuxlinux_kernel*≥3.17  –  <6.1.148
linuxlinux_kernel*≥6.2  –  <6.6.102
linuxlinux_kernel*≥6.7  –  <6.12.42
linuxlinux_kernel*≥6.13  –  <6.15.10
linuxlinux_kernel*≥6.16  –  <6.16.1
debiandebian_linux11.0any

References 7

  • git.kernel.org https://git.kernel.org/stable/c/0c84204cf0bbe89e454a5caccc6a908bc7db1542
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/16ecdab5446f15a61ec88eb0d23d25d009821db0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/31af06b574394530f68a4310c45ecbe2f68853c4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/378ae9ccaea3f445838a087962a067b5cb2e8577
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4df663d4c1ca386dcab2f743dfc9f0cc07aef73c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/af72badd5ee423eb16f6ad7fe0a62f1b4252d848
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
    Third Party Advisory

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/0c84204cf0bbe89e454a5caccc6a908bc7db1542
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/16ecdab5446f15a61ec88eb0d23d25d009821db0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/31af06b574394530f68a4310c45ecbe2f68853c4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/378ae9ccaea3f445838a087962a067b5cb2e8577
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4df663d4c1ca386dcab2f743dfc9f0cc07aef73c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/af72badd5ee423eb16f6ad7fe0a62f1b4252d848
    Patch