CVE-2025-39991

Linux Kernel - Null Pointer Dereference in ath11k_qmi_m3_load

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load() If ab->fw.m3_data points to data, then fw pointer remains null. Further, if m3_mem is not allocated, then fw is dereferenced to be passed to ath11k_err function. Replace fw->size by m3_len. Found by Linux Verification Center (linuxtesting.org) with SVACE.

Scores

EPSS 0.0019
EPSS Percentile 8.3%

Details

Status published
Products (13)
linux/Kernel 6.13.0 - 6.16.11linux
linux/Kernel 6.17.0 - 6.17.1linux
linux/Kernel 6.7.0 - 6.12.51linux
Linux/Linux < 6.7
Linux/Linux 6.12.51 - 6.12.*
Linux/Linux 6.16.11 - 6.16.*
Linux/Linux 6.17.1 - 6.17.*
Linux/Linux 6.18
Linux/Linux 6.7
Linux/Linux 7db88b962f06a52af5e9a32971012e8f3427cec0 - 1f52119809b76d43759fc47da1cf708690b740a1
... and 3 more
Published Oct 15, 2025
Tracked Since Feb 18, 2026