CVE-2025-38316

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-38316

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-38316.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-38316

Downstream

UBUNTU-CVE-2025-38316

USN-7769-1

USN-7769-2

USN-7769-3

USN-7770-1

USN-7771-1

USN-7789-1

USN-7789-2

Published

2025-07-10T07:42:23Z

Modified

2025-10-16T02:02:40.658304Z

Summary

wifi: mt76: mt7996: avoid NULL pointer dereference in mt7996_set_monitor()

Details

In the Linux kernel, the following vulnerability has been resolved:

wifi: mt76: mt7996: avoid NULL pointer dereference in mt7996setmonitor()

The function mt7996setmonitor() dereferences phy before the NULL sanity check.

Fix this to avoid NULL pointer dereference by moving the dereference after the check.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

69d54ce7491d046eaae05de7fb2493319a481991

Fixed

83a422c8169eef95aef57f7ddc467bb126d9ae81

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

69d54ce7491d046eaae05de7fb2493319a481991

Fixed

cb423ddad0f6e6f55b1700422ab777b25597cc83

Affected versions

v6.*

v6.13

v6.13-rc7

v6.14

v6.14-rc1

v6.14-rc2

v6.14-rc3

v6.14-rc4

v6.14-rc5

v6.14-rc6

v6.14-rc7

v6.15

v6.15-rc1

v6.15-rc2

v6.15-rc3

v6.15-rc4

v6.15-rc5

v6.15-rc6

v6.15-rc7

v6.15.1

v6.15.2

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

6.14.0

Fixed

6.15.3