CVE-2025-38121
- Source
- https://cve.org/CVERecord?id=CVE-2025-38121
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-38121.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-38121
- Downstream
- Published
- 2025-07-03T08:35:27.900Z
- Modified
- 2026-04-02T12:47:49.092771Z
- Summary
- wifi: iwlwifi: mld: avoid panic on init failure
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
wifi: iwlwifi: mld: avoid panic on init failure
In case of an error during init, inhwrestart will be set, but it will never get cleared. Instead, we will retry to init again, and then we will act like we are in a restart when we are actually not.
This causes (among others) to a NULL pointer dereference when canceling rxomi::finishedwork, that was not even initialized, because we thought that we are in hw_restart.
Set inhwrestart to true only if the fw is running, then we know that FW was loaded successfully and we are not going to the retry loop.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38121.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/960c7e6d388034d219dafffa6da0a5c2ccd5ff30
- https://git.kernel.org/stable/c/a26ec8e16958b6dd37dac9daf5fb6978fe0cb0b8
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38121.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-38121
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git