PT-2025-29004 · Linux+5 · Linux Kernel+5

Published

2025-05-06

Updated

2026-03-13

CVE-2025-38284

CVSS v2.0

6.0

Medium

Vector

AV:L/AC:H/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 6.14.2-061402 and earlier

Description: A flaw exists in the Linux kernel's wifi subsystem, specifically within the rtw89 PCI driver, related to the configuration of manual DAC mode via the PCI configuration API. The issue arises from improper handling of DMA configuration, potentially leading to a page fault when accessing memory. The kernel may generate an error trace related to a supervisor write access in kernel mode.

Recommendations: Linux kernel versions prior to 6.14.2-061402 are affected. Update to a newer version of the Linux kernel to address this issue.

Exploit

Fix

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476CWE-399

Related Identifiers

BDU:2025-09680

CVE-2025-38284

USN-7769-1

USN-7769-2

USN-7769-3

USN-7770-1

USN-7771-1

USN-7789-1

USN-7789-2

Affected Products

Astra Linux

Debian

Linuxmint

Linux Kernel

Ubuntu

Rtw89

PT-2025-29004 · Linux+5 · Linux Kernel+5

CVE-2025-38284

Weakness Enumeration

Related Identifiers

Affected Products

References · 216