Description

In the Linux kernel, the following vulnerability has been resolved: wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() There is a potential NULL pointer dereference in zd_mac_tx_to_dev(). For example, the following is possible: T0 T1 zd_mac_tx_to_dev() /* len == skb_queue_len(q) */ while (len > ZD_MAC_MAX_ACK_WAITERS) { filter_ack() spin_lock_irqsave(&q->lock, flags); /* position == skb_queue_len(q) */ for (i=1; i<position; i++) skb = __skb_dequeue(q) if (mac->type == NL80211_IFTYPE_AP) skb = __skb_dequeue(q); spin_unlock_irqrestore(&q->lock, flags); skb_dequeue() -> NULL Since there is a small gap between checking skb queue length and skb being unconditionally dequeued in zd_mac_tx_to_dev(), skb_dequeue() can return NULL. Then the pointer is passed to zd_mac_tx_status() where it is dereferenced. In order to avoid potential NULL pointer dereference due to situations like above, check if skb is not NULL before passing it to zd_mac_tx_status(). Found by Linux Verification Center (linuxtesting.org) with SVACE.

INFO

Published Date :

2025-08-16T10:55:00.254Z

Last Modified :

2025-11-03T17:39:16.277Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-38513 vulnerability.

Vendors Products
Debian
  • Debian Linux
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-38513.

URL Resource
https://git.kernel.org/stable/c/014c34dc132015c4f918ada4982e952947ac1047 cve-icon cve-icon
https://git.kernel.org/stable/c/5420de65efbeb6503bcf1d43451c9df67ad60298 cve-icon cve-icon
https://git.kernel.org/stable/c/602b4eb2f25668de15de69860ec99caf65b3684d cve-icon cve-icon
https://git.kernel.org/stable/c/74b1ec9f5d627d2bdd5e5b6f3f81c23317657023 cve-icon cve-icon
https://git.kernel.org/stable/c/adf08c96b963c7cd7ec1ee1c0c556228d9bedaae cve-icon cve-icon
https://git.kernel.org/stable/c/b24f65c184540dfb967479320ecf7e8c2e9220dc cve-icon cve-icon
https://git.kernel.org/stable/c/c1958270de947604cc6de05fc96dbba256b49cf0 cve-icon cve-icon
https://git.kernel.org/stable/c/fcd9c923b58e86501450b9b442ccc7ce4a8d0fda cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html cve-icon
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html cve-icon
https://lore.kernel.org/linux-cve-announce/2025081652-CVE-2025-38513-e205@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-38513 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-38513 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact