CVE-2025-38642
BaseFortify
Publication date: 2025-08-22
Last updated on: 2025-11-26
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-617 | The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves the Linux kernel's wifi mac80211 component where a warning (WARN_ON) occurs when changing the per-link setting of a monitor interface on some devices that lack WANT_MONITOR_VIF and probably channel context support. The issue arises because the code does not properly handle these cases, leading to a warning that could indicate improper handling of monitor mode interfaces. The fix involves catching this condition in the link change code instead of triggering the warning.
How can this vulnerability impact me? :
The vulnerability causes a warning in the kernel when changing settings on monitor mode wifi interfaces on certain devices. While it may not directly lead to a security breach, such warnings can indicate instability or improper handling of wifi monitor interfaces, potentially affecting device reliability or wifi monitoring functionality.