PT-2025-34404 · Linux+4 · Linux Kernel+4
Published: 2025-01-01 · Updated: 2026-05-07 · CVE-2025-38643
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions:
Linux kernel versions 6.14.0-rc5-wt-g03960e6f9d47 #33 and earlier.
Description:
A missing lock in the cfg80211_check_and_end_cac() function within the Linux kernel's wireless subsystem can lead to issues when callers of wdev_chandef() do not hold the wiphy mutex. Specifically, the worker cfg80211_propagate_cac_done_wk() does not acquire the necessary lock, potentially causing a warning during operations like the mesh_peer_connected_dfs test from hostapd.
Recommendations:
Update to a newer kernel version to address this issue.
Exploit
Fix
Improper Locking
Affected Products
Debian
Linuxmint
Linux Kernel
Suse
Ubuntu