CVE-2025-68380

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains an issue within the ath11k module related to the handling of High Efficiency (HE) MCS (Modulation and Coding Scheme) assignment during Wi-Fi connections. Specifically, the ath11k wmi send peer assoc cmd() function incorrectly swaps the assignment of transmit and receive MCS values when communicating with the firmware. This can lead to a firmware crash when connecting to an Access Point (AP) that advertises unsupported MCS values for 160 MHz transmission, such as 0xffff. The issue arises because the firmware interprets the incorrectly assigned MCS values, leading to unexpected behavior. The HE rate control mask, intended to limit transmit MCS, is also affected by this swap.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-681

Related Identifiers

BDU:2026-07520

CVE-2025-68380

ECHO-A0B1-4DFF-0F3F

OPENSUSE-SU-2026:10039-1

OPENSUSE-SU-2026:10301-1

OPENSUSE-SU-2026:20145-1

SUSE-SU-2026:0278-1

SUSE-SU-2026:0281-1

SUSE-SU-2026:0293-1

SUSE-SU-2026:0315-1

SUSE-SU-2026:20207-1

SUSE-SU-2026:20220-1

SUSE-SU-2026:20228-1

SUSE-SU-2026:20477-1

SUSE-SU-2026:20498-1

SUSE-SU-2026:20845-1

SUSE-SU-2026:20876-1

USN-8094-1

USN-8094-2

USN-8094-3

USN-8094-4

USN-8094-5

USN-8152-1

USN-8179-1

USN-8179-2

USN-8179-3

USN-8179-4

USN-8184-1

USN-8185-1

USN-8185-2

USN-8203-1

USN-8204-1

USN-8258-1

USN-8260-1

USN-8261-1

USN-8265-1

Affected Products

Debian

Linuxmint

Linux Kernel

Ubuntu

Ath11K

CVE-2025-68380

Weakness Enumeration

Related Identifiers

Affected Products

References · 2402