CVE-2025-38656

Summary

In the Linux kernel, the following vulnerability has been resolved:

wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()

Preserve the error code if iwl_setup_deferred_work() fails. The current code returns ERR_PTR(0) (which is NULL) on this path. I believe the missing error code potentially leads to a use after free involving debugfs.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxc0e43c3f6c0a79381b468574c241065998412b7c < 991e2066f6009d3cb898413058c62dbcc92bd6d2affected
LinuxLinux70a1b527eaea9430b1bd87de59f3b9f6bd225701 < 1d068272c21d886d06526454b68368100ba0a720affected
LinuxLinux90a0d9f339960448a3acc1437a46730f975efd6a < cf80c02a9fdb6c5bc8508beb6a0f6a1294fc32f6affected
LinuxLinuxc80832d445653baba5ac80cd2c2637c437ac881baffected
LinuxLinuxb398120fbe0acfef60b16f6a0f69902d385d7728affected
LinuxLinux2e9f85ee3b46453a2f250a57d3a9f10c70c71202affected
LinuxLinux6663c52608d8d8727bf1911e6d9218069ba1c85eaffected
LinuxLinuxca980f1911a7144d451d1c31298ab8507c6bd88faffected
LinuxLinux7dd6350307af6521b6240b295c93b7eec4daebe6affected
LinuxLinux5.4.297 < 5.5affected
LinuxLinux5.10.241 < 5.11affected
LinuxLinux5.15.190 < 5.16affected
LinuxLinux6.1.148 < 6.2affected
LinuxLinux6.6.102 < 6.7affected
LinuxLinux6.12.42 < 6.13affected

Weaknesses

References