CVE-2025-39732
BaseFortify
Publication date: 2025-09-07
Last updated on: 2025-11-25
Assigner: kernel.org
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-NVD-CWE-noinfo | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is in the Linux kernel's ath11k Wi-Fi driver. The function ath11k_mac_disable_peer_fixed_rate() is used as the iterator callback in ieee80211_iterate_stations_atomic(), which requires the callback to be atomic (non-sleeping). However, ath11k_mac_disable_peer_fixed_rate() may sleep, which triggers a BUG warning because a sleeping function is called from an invalid (atomic) context. The issue is fixed by switching to ieee80211_iterate_stations_mtx(), which allows the callback to sleep.
How can this vulnerability impact me?
This vulnerability can cause kernel warnings and potential instability or crashes, because a sleeping function is called in an atomic context where sleeping is not allowed. This can affect the reliability of the Wi-Fi driver and overall system stability on affected devices.
What immediate steps should I take to mitigate this vulnerability?
Update the Linux kernel to a version that includes the fix. The fix replaces ieee80211_iterate_stations_atomic() with ieee80211_iterate_stations_mtx() in the ath11k driver, which resolves the sleeping-in-atomic-context issue in ath11k_mac_op_set_bitrate_mask().
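An added example, not part of the original page or of the kernel project: a Python triage script that scans kernel log lines for the sleeping-in-atomic report described above and flags reports whose call trace shows ath11k_mac_disable_peer_fixed_rate() running under ieee80211_iterate_stations_atomic(). The names `find_splats` and `SAMPLE_LOG` are hypothetical, the log excerpt is constructed, and the report header only appears on kernels built with CONFIG_DEBUG_ATOMIC_SLEEP.

```python
import re

# Header printed by the kernel's might-sleep check (needs CONFIG_DEBUG_ATOMIC_SLEEP).
SPLAT = re.compile(r"BUG: sleeping function called from invalid context at (\S+)")
# Call-trace entries look like "symbol+0xoff/0xlen [module]".
FRAME = re.compile(r"([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")
# Symbols named in the CVE description.
ITERATOR = "ath11k_mac_disable_peer_fixed_rate"
ATOMIC_WALK = "ieee80211_iterate_stations_atomic"

def find_splats(lines, max_frames=64):
    """Return one dict per sleeping-in-atomic report found in kernel log lines."""
    reports, current = [], None
    for line in lines:
        header = SPLAT.search(line)
        if header:
            current = {"at": header.group(1), "frames": []}
            reports.append(current)
        elif current is not None:
            frame = FRAME.search(line)
            if frame and len(current["frames"]) < max_frames:
                current["frames"].append(frame.group(1))
            if "</TASK>" in line:  # end of this call trace
                current = None
    for r in reports:
        f = r["frames"]
        # Traces list the callee first, so the iterator sits above the atomic walk.
        r["matches_cve"] = (ITERATOR in f and ATOMIC_WALK in f
                            and f.index(ITERATOR) < f.index(ATOMIC_WALK))
    return reports

# Constructed sample log: offsets, pids and source locations are made up.
SAMPLE_LOG = """\
[  245.118301] BUG: sleeping function called from invalid context at constructed/path.c:123
[  245.118310] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 1423, name: example
[  245.118330] Call Trace:
[  245.118333]  <TASK>
[  245.118340]  __might_resched+0x16c/0x1e0
[  245.118355]  ath11k_mac_disable_peer_fixed_rate+0x4a/0xd0 [ath11k]
[  245.118362]  ieee80211_iterate_stations_atomic+0x7b/0x110 [mac80211]
[  245.118370]  ath11k_mac_op_set_bitrate_mask+0x2f1/0x5a0 [ath11k]
[  245.118377]  </TASK>
[  300.500000] BUG: sleeping function called from invalid context at constructed/other.c:45
[  300.500020]  other_driver_irq+0x10/0x40 [otherdrv]
""".splitlines()

if __name__ == "__main__":
    for r in find_splats(SAMPLE_LOG):
        print(r["at"], "CVE-2025-39732 pattern" if r["matches_cve"] else "unrelated splat")
```

Feed it the lines of a saved kernel log in place of `SAMPLE_LOG`; a report with `matches_cve` set indicates the host has exercised the affected code path.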