Description

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: mcc: prevent shift wrapping in rtw89_core_mlsr_switch() The "link_id" value comes from the user via debugfs. If it's larger than BITS_PER_LONG then that would result in shift wrapping and potentially an out of bounds access later. In fact, we can limit it to IEEE80211_MLD_MAX_NUM_LINKS (15). Fortunately, only root can write to debugfs files so the security impact is minimal.

INFO

Published Date :

2025-08-22T16:01:00.512Z

Last Modified :

2025-08-22T16:01:00.512Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-38657 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-38657.

URL Resource
https://git.kernel.org/stable/c/417cfa9cc44fbe6bceab786f9a4ee5a210f1288e cve-icon cve-icon
https://git.kernel.org/stable/c/53cf488927a0f79968f9c03c4d1e00d2a79731c3 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025082239-CVE-2025-38657-87b3@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-38657 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-38657 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact