CVE-2025-68380

NONE EPSS 6.5%
Published Dec 24, 20256mo ago · Modified Jun 17, 20262w ago
Find Similar
Published Dec 24, 2025 6mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix peer HE MCS assignment In ath11k_wmi_send_peer_assoc_cmd(), peer's transmit MCS is sent to firmware as receive MCS while peer's receive MCS sent as transmit MCS, which goes against firmwire's definition. While connecting to a misbehaved AP that advertises 0xffff (meaning not supported) for 160 MHz transmit MCS map, firmware crashes due to 0xffff is assigned to he_mcs->rx_mcs_set field. Ext Tag: HE Capabilities [...] Supported HE-MCS and NSS Set [...] Rx and Tx MCS Maps 160 MHz [...] Tx HE-MCS Map 160 MHz: 0xffff Swap the assignment to fix this issue. As the HE rate control mask is meant to limit our own transmit MCS, it needs to go via he_mcs->rx_mcs_set field. With the aforementioned swapping done, change is needed as well to apply it to the peer's receive MCS. Tested-on: WCN6855 hw2.1 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.41 Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.4.1-00199-QCAHKSWPL_SILICONZ-1

Threat Intelligence

EPSS Exploit Probability
6.5% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 6

  • git.kernel.org https://git.kernel.org/stable/c/097c870b91817779e5a312c6539099a884b1fe2b
  • git.kernel.org https://git.kernel.org/stable/c/381096a417b7019896e93e86f4c585c592bf98e2
  • git.kernel.org https://git.kernel.org/stable/c/4304bd7a334e981f189b9973056a58f84cc2b482
  • git.kernel.org https://git.kernel.org/stable/c/4a013ca2d490c73c40588d62712ffaa432046a04
  • git.kernel.org https://git.kernel.org/stable/c/6b1a0da75932353f66e710976ca85a7131f647ff
  • git.kernel.org https://git.kernel.org/stable/c/92791290e4f6a1de25d35af792ab8918a70737f6

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.