SB2025071147 - Improper locking in Linux kernel ath ath11k driver
Published: July 11, 2025
Security Bulletin ID
SB2025071147
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper locking (CVE-ID: CVE-2025-38293)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ath11k_core_halt() function in drivers/net/wireless/ath/ath11k/core.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/31e98e277ae47f56632e4d663b1d4fd12ba33ea8
- https://git.kernel.org/stable/c/6c139015b597e570dd5962934e9f9a2f4cc8ef48
- https://git.kernel.org/stable/c/6d6cb27fe146061f2512e904618f5e005bb7bb6a
- https://git.kernel.org/stable/c/b0974ed82e6ad5ff246fd90a5b14f3e7be4f2924
- https://git.kernel.org/stable/c/f50ba7e7b607f2d00618799312e7fdb76a1ff48e
- https://git.kernel.org/stable/c/f5d77d0d41ea7a204d47288d0cf0404a52b5890e
- https://git.kernel.org/stable/c/f9507cf2dd0e1ed5028c0e8240da6fe5fd3110d3