CVE-2025-38294
Description
In the Linux kernel, the following vulnerability has been resolved:wifi: ath12k: fix null access in assign channel context handlerCurrently, when ath12k_mac_assign_vif_to_vdev() fails, the radio handle(ar) gets accessed from the link VIF handle (arvif) for debug logging, Thisis incorrect. In the fail scenario, radio handle is null. Fix the nullaccess, avoid radio handle access by moving to the hardware debug logginghelper function (ath12k_hw_warn).Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1Tested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3
Risk Information
Base Score
5.5
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.02
Associated Vulnerability
No records foundPatch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234