CVE-2025-38096

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: don't warn when if there is a FW error iwl_trans_reclaim is warning if it is called when the FW is not alive. But if it is called when there is a pending restart, i.e. after a FW error, there is no need to warn, instead - return silently.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/0446d34a853d9576e2a7628c803d2abd2f8cf3a8	Patch
https://git.kernel.org/stable/c/c7f50d0433a016d43681592836a3d484817bfb34	Patch
https://git.kernel.org/stable/c/d07a08f42dc7230c902e1af2a899a72b0a03aa69	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

20 Nov 2025, 21:53

Type	Values Removed	Values Added
CPE		cpe:2.3:o:linux:linux_kernel::::::::
CWE		NVD-CWE-noinfo
First Time		Linux linux Kernel Linux
References	~~() https://git.kernel.org/stable/c/0446d34a853d9576e2a7628c803d2abd2f8cf3a8 -~~	() https://git.kernel.org/stable/c/0446d34a853d9576e2a7628c803d2abd2f8cf3a8 - Patch
References	~~() https://git.kernel.org/stable/c/c7f50d0433a016d43681592836a3d484817bfb34 -~~	() https://git.kernel.org/stable/c/c7f50d0433a016d43681592836a3d484817bfb34 - Patch
References	~~() https://git.kernel.org/stable/c/d07a08f42dc7230c902e1af2a899a72b0a03aa69 -~~	() https://git.kernel.org/stable/c/d07a08f42dc7230c902e1af2a899a72b0a03aa69 - Patch
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5

Information

Published : 2025-07-03 09:15

Updated : 2025-11-20 21:53

NVD link : CVE-2025-38096

Mitre link : CVE-2025-38096

CVE.ORG link : CVE-2025-38096

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-noinfo

{"id": "CVE-2025-38096", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2025-07-03T09:15:22.913", "references": [{"url": "https://git.kernel.org/stable/c/0446d34a853d9576e2a7628c803d2abd2f8cf3a8", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/c7f50d0433a016d43681592836a3d484817bfb34", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/d07a08f42dc7230c902e1af2a899a72b0a03aa69", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: don't warn when if there is a FW error\n\niwl_trans_reclaim is warning if it is called when the FW is not alive.\nBut if it is called when there is a pending restart, i.e. after a FW\nerror, there is no need to warn, instead - return silently."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: iwlwifi: no avisa si hay un error de firmware. iwl_trans_reclaim avisa si se ejecuta cuando el firmware no est\u00e1 activo. Sin embargo, si se ejecuta cuando hay un reinicio pendiente, es decir, despu\u00e9s de un error de firmware, no es necesario avisar; en su lugar, regresa silenciosamente."}], "lastModified": "2025-11-20T21:53:08.080", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "762BCFB6-5DF9-4665-8651-F8936F5D8FB1", "versionEndExcluding": "6.12.31"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9B72DD1-715C-4101-A720-1C8D70044C06", "versionEndExcluding": "6.14.9", "versionStartIncluding": "6.13"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}