CVE-2025-38505

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A flaw exists in the Linux kernel's mwifiex driver related to the handling of disassociation frames when operating in concurrent Station (STA) and Access Point (AP) mode with host Machine Learning Mode Enabled (MLME). Incorrectly sent disassociation frames from the AP interface can trigger kernel warnings as the STA interface processes them. The fix adds validation to the STA receive path to verify that disassociation/deauthentication frames originate from the connected AP, discarding invalid frames before they reach the MLME layer. This filtering logic mirrors the behavior in the ieee80211 rx mgmt disassoc() function, ensuring only relevant frames are processed.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.