{"id":"CVE-2025-38292","summary":"wifi: ath12k: fix invalid access to memory","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix invalid access to memory\n\nIn ath12k_dp_rx_msdu_coalesce(), rxcb is fetched from skb and boolean\nis_continuation is part of rxcb.\nCurrently, after freeing the skb, the rxcb-\u003eis_continuation accessed\nagain which is wrong since the memory is already freed.\nThis might lead use-after-free error.\n\nHence, fix by locally defining bool is_continuation from rxcb,\nso that after freeing skb, is_continuation can be used.\n\nCompile tested only.","modified":"2026-03-20T12:42:47.313619Z","published":"2025-07-10T07:42:07.506Z","related":["ALSA-2025:13602","SUSE-SU-2025:02853-1","SUSE-SU-2025:02923-1","SUSE-SU-2025:02969-1","SUSE-SU-2025:02996-1","SUSE-SU-2025:02997-1","SUSE-SU-2025:03011-1","SUSE-SU-2025:03023-1","SUSE-SU-2025:20577-1","SUSE-SU-2025:20586-1","SUSE-SU-2025:20601-1","SUSE-SU-2025:20602-1","SUSE-SU-2025:21074-1","SUSE-SU-2025:21139-1","SUSE-SU-2025:21179-1","openSUSE-SU-2025:20081-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38292.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/371b340affa52f280f6eadfd25fbd43f09f0d5c0"},{"type":"WEB","url":"https://git.kernel.org/stable/c/5f09d16cd57764c95c8548fe5b70672c9ac01127"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9f17747fbda6fca934854463873c4abf8061491d"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38292.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38292"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"d889913205cf7ebda905b1e62c5867ed4e39f6c2"},{"fixed":"371b340affa52f280f6eadfd25fbd43f09f0d5c0"},{"fixed":"5f09d16cd57764c95c8548fe5b70672c9ac01127"},{"fixed":"9f17747fbda6fca934854463873c4abf8061491d"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38292.json"}}],"schema_version":"1.7.5"}