CVE-2025-23133

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been resolved, related to the wifi ath11k module. The issue occurs when the ath11k module receives a new channel list, and it is processed in an asynchronous manner, potentially leading to an out-of-bounds write error. This error can cause a slab-out-of-bounds bug in the ath11k reg update chan list() function. To fix this issue, a patch has been raised to ensure that the cfg80211 module notifies the ath11k module after it has completed handling the new channel list.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Buffer Overflow

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-119CWE-125

Related Identifiers

BDU:2026-02292

CVE-2025-23133

DSA-6008-1

ECHO-4DBA-2195-71A8

OPENSUSE-SU-2025_01614-1

OPENSUSE-SU-2025_01707-1

SUSE-SU-2025:01614-1

SUSE-SU-2025:01707-1

SUSE-SU-2025:01919-1

SUSE-SU-2025:01951-1

SUSE-SU-2025:01964-1

SUSE-SU-2025:01967-1

SUSE-SU-2025:20343-1

SUSE-SU-2025:20344-1

SUSE-SU-2025:20354-1

SUSE-SU-2025:20355-1

SUSE-SU-2025_01614-1

SUSE-SU-2025_01707-1

SUSE-SU-2025_01951-1

SUSE-SU-2025_01964-1

SUSE-SU-2025_01967-1

USN-7594-1

USN-7594-2

USN-7594-3

USN-8095-1

USN-8095-2

USN-8095-3

USN-8095-4

USN-8095-5

USN-8100-1

USN-8125-1

USN-8126-1

USN-8165-1

USN-8261-1

Affected Products

Astra Linux

Debian

Linuxmint

Linux Kernel

Suse

Ubuntu

CVE-2025-23133

Weakness Enumeration

Related Identifiers

Affected Products

References · 2915