CVE-2025-38293

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A flaw exists in the Linux kernel’s ath11k driver related to list node corruption within the ar->arvifs list during WLAN recovery. Specifically, the ath11k core halt() function only reinitializes the list head, potentially creating an invalid list node. This can lead to a kernel panic when a WLAN recovery occurs during interface removal, before the spin lock bh(&ar->data lock) in the ath11k mac op remove interface() function is executed. The issue is resolved by removing and reinitializing all vif list nodes from the list head during WLAN halt, ensuring the validity of list nodes and proper execution of list del() in ath11k mac op remove interface().

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.