Main Vulnerability Database SB2025071149

SB2025071149 - Improper locking in Linux kernel ath ath12k driver

Published: July 11, 2025

Security Bulletin ID SB2025071149

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper locking (CVE-ID: CVE-2025-38290)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ath12k_rfkill_work() and ath12k_core_halt() functions in drivers/net/wireless/ath/ath12k/core.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/6285516170f9e2f04b9dbf1e5100e0d7cbac22b4
https://git.kernel.org/stable/c/6bfe7ae9bbd9734751b853e2d2e1c13e8b46fd2d
https://git.kernel.org/stable/c/823435bd23108d6f8be89ea2d025c0e2e3769c51
https://git.kernel.org/stable/c/be049199dec9189602bc06e2c70eda3aa0f2ea6e