CVE-2025-38045
Last modified
CVE-2025-38045 is a medium-severity vulnerability rated 5.5/10 on the CVSS scale. In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix debug actions order The order of actions taken for debug was implemented incorrectly. Now we implemented the dump split and do the FW reset only in the middle of the dump (rather than the FW killing itself on error.) As a result, some of the actions taken when applying the config will now crash the device, so we need to fix the order.. EPSS estimates a 0.16% chance of exploitation in the next 30 days.
Description
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix debug actions order The order of actions taken for debug was implemented incorrectly. Now we implemented the dump split and do the FW reset only in the middle of the dump (rather than the FW killing itself on error.) As a result, some of the actions taken when applying the config will now crash the device, so we need to fix the order.
Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | < 6.6.93 |
| Linux | Linux Kernel | >= 6.7, < 6.12.31 |
| Linux | Linux Kernel | >= 6.13, < 6.14.9 |
References
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2025-38045?
How severe is CVE-2025-38045?
How do I fix CVE-2025-38045?
Are you affected by CVE-2025-38045?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST