CVE-2025-37976

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the wifi component, specifically the ath12k driver. In the ath12k dp mon srng process function, an incorrect function, ath12k hal srng src get next entry, is used to fetch the next entry from the destination ring. This is incorrect because ath12k hal srng src get next entry is intended for source rings, not destination rings. The incorrect function call leads to invalid entry fetches, causing potential data corruption or crashes due to accessing incorrect memory locations. The source ring and destination ring have different handling mechanisms, and using the wrong function results in incorrect pointer arithmetic and ring management.

Recommendations To fix this issue, replace the call to ath12k hal srng src get next entry with ath12k hal srng dst get next entry in ath12k dp mon srng process. This ensures that the correct function is used for fetching entries from the destination ring, preventing invalid memory accesses. At the moment, there is no information about a newer version that contains a fix for this vulnerability.