CVE-2025-39991

NONE EPSS 7.9%
Published Oct 15, 20258mo ago · Modified Jun 17, 20261w ago
Find Similar
Published Oct 15, 2025 8mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load() If ab->fw.m3_data points to data, then fw pointer remains null. Further, if m3_mem is not allocated, then fw is dereferenced to be passed to ath11k_err function. Replace fw->size by m3_len. Found by Linux Verification Center (linuxtesting.org) with SVACE.

Threat Intelligence

EPSS Exploit Probability
7.9% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 4

  • git.kernel.org https://git.kernel.org/stable/c/1f52119809b76d43759fc47da1cf708690b740a1
  • git.kernel.org https://git.kernel.org/stable/c/3fd2ef2ae2b5c955584a3bee8e83ae7d7a98f782
  • git.kernel.org https://git.kernel.org/stable/c/500fcc31e488d798937a23dbb1f62db46820c5b2
  • git.kernel.org https://git.kernel.org/stable/c/888830b2cbc035838bebefe94502976da94332a5

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.