Main Vulnerability Database SB2025081824

SB2025081824 - NULL pointer dereference in Linux kernel mt76 mt7925 driver

Published: August 18, 2025

Security Bulletin ID SB2025081824

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) NULL pointer dereference (CVE-ID: CVE-2025-38541)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the mt7925_thermal_init() function in drivers/net/wireless/mediatek/mt76/mt7925/init.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/03ee8f73801a8f46d83dfc2bf73fb9ffa5a21602
https://git.kernel.org/stable/c/1bbdf4213711bb6dc365e7628430a63dd3280794
https://git.kernel.org/stable/c/2e99e9b34ece0b6d3e82cb757e9f60fa414da999