PT-2025-37209 · Linux+6 · Linux Kernel+6

Published

2025-07-21

Updated

2026-05-26

CVE-2025-39750

CVSS v3.1

7.1

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: The Linux kernel contains a flaw within the ath12k driver related to the handling of TID (Transmit Identifier) cleanup during setup failures. If an error occurs during ath12k dp rx peer tid setup(), the TID value is incremented prematurely, potentially leading to the freeing of unallocated TIDs and causing a crash or out-of-bounds access. The issue is addressed by correctly decrementing the TID before cleanup to ensure only successfully allocated TIDs are managed. Additionally, unnecessary TID decrementing in ath12k dp rx peer frag setup() has been removed.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

BDU:2025-15700

CVE-2025-39750

ECHO-D238-1544-F44A

OPENSUSE-SU-2025:20081-1

SUSE-SU-2025:03600-1

SUSE-SU-2025:03634-1

SUSE-SU-2025:20851-1

SUSE-SU-2025:20861-1

SUSE-SU-2025:20870-1

SUSE-SU-2025:20898-1

SUSE-SU-2025:21074-1

SUSE-SU-2025:21139-1

SUSE-SU-2025:21179-1

SUSE-SU-2025:3751-1

SUSE-SU-2025:4057-1

SUSE-SU-2025:4132-1

SUSE-SU-2025:4141-1

USN-8028-1

USN-8028-2

USN-8028-3

USN-8028-4

USN-8028-5

USN-8028-6

USN-8028-7

USN-8028-8

USN-8031-1

USN-8031-2

USN-8031-3

USN-8052-1

USN-8052-2

USN-8074-1

USN-8074-2

USN-8126-1

Affected Products

Astra Linux

Debian

Linuxmint

Linux Kernel

Suse

Ubuntu

Ath12K

PT-2025-37209 · Linux+6 · Linux Kernel+6

CVE-2025-39750

Weakness Enumeration

Related Identifiers

Affected Products

References · 3330