CVE-2025-38013
BaseFortify
Publication date: 2025-06-18
Last updated on: 2025-11-17
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | 6.15 |
| linux | linux_kernel | 6.15 |
| linux | linux_kernel | 6.15 |
| linux | linux_kernel | 6.15 |
| linux | linux_kernel | 6.15 |
| linux | linux_kernel | 6.15 |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-129 | The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Linux kernel's wifi mac80211 component involves an out-of-bounds array access due to the improper setting of the n_channels variable after allocating the struct cfg80211_scan_request. Specifically, n_channels was not set correctly after allocating the int_scan_req member of struct cfg80211_registered_device, leading to an array-index-out-of-bounds error detected by UBSAN in the scan.c file. This error occurs because the index 0 is accessed out of range for the ieee80211_channel array, which can cause undefined behavior or crashes.
How can this vulnerability impact me? :
This vulnerability can cause the Linux kernel's wifi scanning functionality to behave incorrectly, potentially leading to kernel crashes or instability due to out-of-bounds memory access. This can affect system reliability and availability, especially on systems relying on wifi scanning features.