CVE-2025-38656

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2025-38656

Severity

Unknown

Summary

wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()

Description

In the Linux kernel, the following vulnerability has been resolved:

wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()

Preserve the error code if iwl_setup_deferred_work() fails. The current code returns ERR_PTR(0) (which is NULL) on this path. I believe the missing error code potentially leads to a use after free involving debugfs.

References

https://images.chainguard.dev/security/CGA-2f2h-h4h5-qhrq
https://github.com/advisories/GHSA-6g9x-rpr5-4qrw
https://images.chainguard.dev/security/CGA-pr83-cgf6-97xv
https://images.chainguard.dev/security/CGA-4r59-x8gj-442f
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
https://git.kernel.org/stable/c/1d068272c21d886d06526454b68368100ba0a720
https://git.kernel.org/stable/c/991e2066f6009d3cb898413058c62dbcc92bd6d2
https://git.kernel.org/stable/c/cf80c02a9fdb6c5bc8508beb6a0f6a1294fc32f6

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

CVE-2025-38656

Severity

Summary

Description

References

Affected packages

The trusted source for open source

Product

Solutions

Customers

Resources

Company