SB2025081825 - NULL pointer dereference in Linux kernel zydas zd1211rw driver
Published: August 18, 2025
Security Bulletin ID
SB2025081825
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) NULL pointer dereference (CVE-ID: CVE-2025-38513)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the zd_mac_tx_to_dev() function in drivers/net/wireless/zydas/zd1211rw/zd_mac.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/014c34dc132015c4f918ada4982e952947ac1047
- https://git.kernel.org/stable/c/5420de65efbeb6503bcf1d43451c9df67ad60298
- https://git.kernel.org/stable/c/602b4eb2f25668de15de69860ec99caf65b3684d
- https://git.kernel.org/stable/c/74b1ec9f5d627d2bdd5e5b6f3f81c23317657023
- https://git.kernel.org/stable/c/adf08c96b963c7cd7ec1ee1c0c556228d9bedaae
- https://git.kernel.org/stable/c/b24f65c184540dfb967479320ecf7e8c2e9220dc
- https://git.kernel.org/stable/c/c1958270de947604cc6de05fc96dbba256b49cf0
- https://git.kernel.org/stable/c/fcd9c923b58e86501450b9b442ccc7ce4a8d0fda