CVE-2025-38600

Source
https://cve.org/CVERecord?id=CVE-2025-38600
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-38600.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-38600
Downstream
Published
2025-08-19T17:03:34.830Z
Modified
2026-04-02T12:48:02.865501Z
Summary
wifi: mt76: mt7925: fix off by one in mt7925_mcu_hw_scan()
Details

In the Linux kernel, the following vulnerability has been resolved:

wifi: mt76: mt7925: fix off by one in mt7925mcuhw_scan()

The ssid->ssids[] and sreq->ssids[] arrays have MT7925RNRSCANMAXBSSIDS elements so this >= needs to be > to prevent an out of bounds access.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38600.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
8284815ca161e0fa0861cc4085f1c0141e10a34d
Fixed
4d80d4fa986c5da99042b66bf30a028e7f564156
Fixed
b3a431fe2e399b2e0cc5f43f7e9d63d63d3710ee

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-38600.json"