Description

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request Make sure that n_channels is set after allocating the struct cfg80211_registered_device::int_scan_req member. Seen with syzkaller: UBSAN: array-index-out-of-bounds in net/mac80211/scan.c:1208:5 index 0 is out of range for type 'struct ieee80211_channel *[] __counted_by(n_channels)' (aka 'struct ieee80211_channel *[]') This was missed in the initial conversions because I failed to locate the allocation likely due to the "sizeof(void *)" not matching the "channels" array type.

INFO

Published Date :

2025-06-18T09:28:22.672Z

Last Modified :

2025-06-18T09:28:22.672Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-38013 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-38013.

URL Resource
https://git.kernel.org/stable/c/07c737d9ab02c07b562aefcca16aa95077368e24 cve-icon cve-icon
https://git.kernel.org/stable/c/82bbe02b2500ef0a62053fe2eb84773fe31c5a0a cve-icon cve-icon
https://git.kernel.org/stable/c/e3192e999a0d05ea0ba2c59c09afaf0b8ee70b81 cve-icon cve-icon
https://git.kernel.org/stable/c/fde33ab3c052a302ee8a0b739094b88ceae4dd67 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025061843-CVE-2025-38013-eef6@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-38013 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-38013 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact