目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

CVE-2025-38505— Linux kernel 安全漏洞

AI 预测 5.5 利用难度: 中等 EPSS 0.14% · P3

可能的 ATT&CK 技术 1AI

T1498 · Network Denial of Service

影响版本矩阵 8

厂商产品版本范围状态
LinuxLinux36995892c271cce5e2230bc165a06f109b117222< a963819a121f5dd61e0b39934d8b5dec529da96aaffected
36995892c271cce5e2230bc165a06f109b117222< 52654cebaac23dae31a9c97ae0da5be649f1ab4daffected
36995892c271cce5e2230bc165a06f109b117222< 3b602ddc0df723992721b0d286c90c9bdd755b34affected
6.12affected
< 6.12unaffected
6.12.39≤ 6.12.*unaffected
6.15.7≤ 6.15.*unaffected
6.16≤ *unaffected
获取后续新漏洞提醒登录后订阅

一、 漏洞 CVE-2025-38505 基础信息

漏洞信息

对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
wifi: mwifiex: discard erroneous disassoc frames on STA interface
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: discard erroneous disassoc frames on STA interface When operating in concurrent STA/AP mode with host MLME enabled, the firmware incorrectly sends disassociation frames to the STA interface when clients disconnect from the AP interface. This causes kernel warnings as the STA interface processes disconnect events that don't apply to it: [ 1303.240540] WARNING: CPU: 0 PID: 513 at net/wireless/mlme.c:141 cfg80211_process_disassoc+0x78/0xec [cfg80211] [ 1303.250861] Modules linked in: 8021q garp stp mrp llc rfcomm bnep btnxpuart nls_iso8859_1 nls_cp437 onboard_us [ 1303.327651] CPU: 0 UID: 0 PID: 513 Comm: kworker/u9:2 Not tainted 6.16.0-rc1+ #3 PREEMPT [ 1303.335937] Hardware name: Toradex Verdin AM62 WB on Verdin Development Board (DT) [ 1303.343588] Workqueue: MWIFIEX_RX_WORK_QUEUE mwifiex_rx_work_queue [mwifiex] [ 1303.350856] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 1303.357904] pc : cfg80211_process_disassoc+0x78/0xec [cfg80211] [ 1303.364065] lr : cfg80211_process_disassoc+0x70/0xec [cfg80211] [ 1303.370221] sp : ffff800083053be0 [ 1303.373590] x29: ffff800083053be0 x28: 0000000000000000 x27: 0000000000000000 [ 1303.380855] x26: 0000000000000000 x25: 00000000ffffffff x24: ffff000002c5b8ae [ 1303.388120] x23: ffff000002c5b884 x22: 0000000000000001 x21: 0000000000000008 [ 1303.395382] x20: ffff000002c5b8ae x19: ffff0000064dd408 x18: 0000000000000006 [ 1303.402646] x17: 3a36333a61623a30 x16: 32206d6f72662063 x15: ffff800080bfe048 [ 1303.409910] x14: ffff000003625300 x13: 0000000000000001 x12: 0000000000000000 [ 1303.417173] x11: 0000000000000002 x10: ffff000003958600 x9 : ffff000003625300 [ 1303.424434] x8 : ffff00003fd9ef40 x7 : ffff0000039fc280 x6 : 0000000000000002 [ 1303.431695] x5 : ffff0000038976d4 x4 : 0000000000000000 x3 : 0000000000003186 [ 1303.438956] x2 : 000000004836ba20 x1 : 0000000000006986 x0 : 00000000d00479de [ 1303.446221] Call trace: [ 1303.448722] cfg80211_process_disassoc+0x78/0xec [cfg80211] (P) [ 1303.454894] cfg80211_rx_mlme_mgmt+0x64/0xf8 [cfg80211] [ 1303.460362] mwifiex_process_mgmt_packet+0x1ec/0x460 [mwifiex] [ 1303.466380] mwifiex_process_sta_rx_packet+0x1bc/0x2a0 [mwifiex] [ 1303.472573] mwifiex_handle_rx_packet+0xb4/0x13c [mwifiex] [ 1303.478243] mwifiex_rx_work_queue+0x158/0x198 [mwifiex] [ 1303.483734] process_one_work+0x14c/0x28c [ 1303.487845] worker_thread+0x2cc/0x3d4 [ 1303.491680] kthread+0x12c/0x208 [ 1303.495014] ret_from_fork+0x10/0x20 Add validation in the STA receive path to verify that disassoc/deauth frames originate from the connected AP. Frames that fail this check are discarded early, preventing them from reaching the MLME layer and triggering WARN_ON(). This filtering logic is similar with that used in the ieee80211_rx_mgmt_disassoc() function in mac80211, which drops disassoc frames that don't match the current BSSID (!ether_addr_equal(mgmt->bssid, sdata->vif.cfg.ap_addr)), ensuring only relevant frames are processed. Tested on: - 8997 with FW 16.68.1.p197
来源: 美国国家漏洞数据库 NVD
CVSS Information
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Linux kernel 安全漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于mwifiex错误处理STA接口上的断开帧,可能导致内核警告。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD

受影响产品

厂商产品影响版本CPE订阅
LinuxLinux 36995892c271cce5e2230bc165a06f109b117222 ~ a963819a121f5dd61e0b39934d8b5dec529da96a -
LinuxLinux 6.12 -

二、漏洞 CVE-2025-38505 的公开POC

#POC 描述源链接神龙链接
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2025-38505 的情报信息

登录查看更多情报信息。

同批安全公告 · Linux · 2025-08-16 · 共 59 条

CVE-2025-38520Linux kernel 安全漏洞
CVE-2025-38509Linux kernel 安全漏洞
CVE-2025-38504Linux kernel 安全漏洞
CVE-2025-38506Linux kernel 安全漏洞
CVE-2025-38507Linux kernel 安全漏洞
CVE-2025-38503Linux kernel 安全漏洞
CVE-2025-38516Linux kernel 安全漏洞
CVE-2025-38517Linux kernel 安全漏洞
CVE-2025-38518Linux kernel 安全漏洞
CVE-2025-38519Linux kernel 安全漏洞
CVE-2025-38515Linux kernel 安全漏洞
CVE-2025-38521Linux kernel 安全漏洞
CVE-2025-38522Linux kernel 安全漏洞
CVE-2025-38523Linux kernel 安全漏洞
CVE-2025-38524Linux kernel 安全漏洞
CVE-2025-38525Linux kernel 安全漏洞
CVE-2025-38526Linux kernel 安全漏洞
CVE-2025-38527Linux kernel 安全漏洞
CVE-2025-38528Linux kernel 安全漏洞
CVE-2025-38529Linux kernel 安全漏洞

显示前 20 条,共 59 条。 查看全部 &rarr; →

IV. Related Vulnerabilities

V. Comments for CVE-2025-38505

暂无评论


发表评论