CVE-2025-38414
BaseFortify
Publication date: 2025-07-25
Last updated on: 2025-11-19
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | 6.16 |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-NVD-CWE-noinfo |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is due to an incorrect definition of the GCC_GCC_PCIE_HOT_RST register for the WCN7850 device in the Linux kernel's ath12k wifi driver. The wrong definition causes the kernel to crash on some specific platforms. The issue arises because the register differs between WCN7850 and QCN9274 devices. The fix involved moving the register definition to a register table to allow different definitions and correcting the register address for WCN7850.
How can this vulnerability impact me? :
This vulnerability can cause the Linux kernel to crash on certain platforms using the WCN7850 wifi device, potentially leading to system instability or downtime.