vulnerability

Ubuntu: (Multiple Advisories) (CVE-2025-38513): Linux kernel vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:S/C:N/I:N/A:C)	Aug 16, 2025	Sep 26, 2025	Mar 27, 2026

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:C)

Published

Aug 16, 2025

Added

Sep 26, 2025

Modified

Mar 27, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev()

There is a potential NULL pointer dereference in zd_mac_tx_to_dev(). For
example, the following is possible:

T0 T1
zd_mac_tx_to_dev()
/* len == skb_queue_len(q) */
while (len > ZD_MAC_MAX_ACK_WAITERS) {

filter_ack()
spin_lock_irqsave(&q->lock, flags);
/* position == skb_queue_len(q) */
for (i=1; i<position; i++)
skb = __skb_dequeue(q)

if (mac->type == NL80211_IFTYPE_AP)
skb = __skb_dequeue(q);
spin_unlock_irqrestore(&q->lock, flags);

skb_dequeue() -> NULL

Since there is a small gap between checking skb queue length and skb being
unconditionally dequeued in zd_mac_tx_to_dev(), skb_dequeue() can return NULL.
Then the pointer is passed to zd_mac_tx_status() where it is dereferenced.

In order to avoid potential NULL pointer dereference due to situations like
above, check if skb is not NULL before passing it to zd_mac_tx_status().

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Solutions

ubuntu-upgrade-linux-image-5-15-0-1034-nvidia-tegra-igxubuntu-upgrade-linux-image-5-15-0-1034-nvidia-tegra-igx-rtubuntu-upgrade-linux-image-5-15-0-1045-nvidia-tegraubuntu-upgrade-linux-image-5-15-0-1045-nvidia-tegra-rtubuntu-upgrade-linux-image-5-15-0-1056-xilinx-zynqmpubuntu-upgrade-linux-image-5-15-0-1075-gkeopubuntu-upgrade-linux-image-5-15-0-1085-intel-iot-realtimeubuntu-upgrade-linux-image-5-15-0-1086-ibmubuntu-upgrade-linux-image-5-15-0-1086-raspiubuntu-upgrade-linux-image-5-15-0-1087-intel-iotgubuntu-upgrade-linux-image-5-15-0-1087-nvidiaubuntu-upgrade-linux-image-5-15-0-1087-nvidia-lowlatencyubuntu-upgrade-linux-image-5-15-0-1088-kvmubuntu-upgrade-linux-image-5-15-0-1089-gkeubuntu-upgrade-linux-image-5-15-0-1090-oracleubuntu-upgrade-linux-image-5-15-0-1092-awsubuntu-upgrade-linux-image-5-15-0-1092-aws-64kubuntu-upgrade-linux-image-5-15-0-1092-aws-fipsubuntu-upgrade-linux-image-5-15-0-1092-gcpubuntu-upgrade-linux-image-5-15-0-1092-gcp-fipsubuntu-upgrade-linux-image-5-15-0-1092-realtimeubuntu-upgrade-linux-image-5-15-0-1096-azureubuntu-upgrade-linux-image-5-15-0-1096-azure-fipsubuntu-upgrade-linux-image-5-15-0-156-fipsubuntu-upgrade-linux-image-5-15-0-156-genericubuntu-upgrade-linux-image-5-15-0-156-generic-64kubuntu-upgrade-linux-image-5-15-0-156-generic-lpaeubuntu-upgrade-linux-image-5-15-0-156-lowlatencyubuntu-upgrade-linux-image-5-15-0-156-lowlatency-64kubuntu-upgrade-linux-image-6-14-0-1016-oemubuntu-upgrade-linux-image-6-14-0-1016-realtimeubuntu-upgrade-linux-image-6-14-0-1017-awsubuntu-upgrade-linux-image-6-14-0-1017-aws-64kubuntu-upgrade-linux-image-6-14-0-1017-azureubuntu-upgrade-linux-image-6-14-0-1017-oracleubuntu-upgrade-linux-image-6-14-0-1017-oracle-64kubuntu-upgrade-linux-image-6-14-0-1018-raspiubuntu-upgrade-linux-image-6-14-0-1020-gcpubuntu-upgrade-linux-image-6-14-0-1020-gcp-64kubuntu-upgrade-linux-image-6-14-0-36-genericubuntu-upgrade-linux-image-6-14-0-36-generic-64kubuntu-upgrade-linux-image-6-8-0-100-fipsubuntu-upgrade-linux-image-6-8-0-100-genericubuntu-upgrade-linux-image-6-8-0-100-generic-64kubuntu-upgrade-linux-image-6-8-0-100-lowlatencyubuntu-upgrade-linux-image-6-8-0-100-lowlatency-64kubuntu-upgrade-linux-image-6-8-0-1023-xilinxubuntu-upgrade-linux-image-6-8-0-1030-gkeopubuntu-upgrade-linux-image-6-8-0-1043-gkeubuntu-upgrade-linux-image-6-8-0-1043-gke-64kubuntu-upgrade-linux-image-6-8-0-1043-oracleubuntu-upgrade-linux-image-6-8-0-1043-oracle-64kubuntu-upgrade-linux-image-6-8-0-1044-ibmubuntu-upgrade-linux-image-6-8-0-1046-awsubuntu-upgrade-linux-image-6-8-0-1046-aws-64kubuntu-upgrade-linux-image-6-8-0-1046-aws-fipsubuntu-upgrade-linux-image-6-8-0-1046-azureubuntu-upgrade-linux-image-6-8-0-1046-azure-fipsubuntu-upgrade-linux-image-6-8-0-1046-nvidiaubuntu-upgrade-linux-image-6-8-0-1046-nvidia-64kubuntu-upgrade-linux-image-6-8-0-1046-nvidia-lowlatencyubuntu-upgrade-linux-image-6-8-0-1046-nvidia-lowlatency-64kubuntu-upgrade-linux-image-6-8-0-1047-gcpubuntu-upgrade-linux-image-6-8-0-1047-gcp-64kubuntu-upgrade-linux-image-6-8-0-1047-gcp-fipsubuntu-upgrade-linux-image-6-8-0-1047-raspiubuntu-upgrade-linux-image-6-8-0-1051-azureubuntu-upgrade-linux-image-6-8-0-2037-raspi-realtimeubuntu-upgrade-linux-image-6-8-1-1041-realtimeubuntu-upgrade-linux-image-awsubuntu-upgrade-linux-image-aws-5-15ubuntu-upgrade-linux-image-aws-6-14ubuntu-upgrade-linux-image-aws-6-8ubuntu-upgrade-linux-image-aws-64kubuntu-upgrade-linux-image-aws-64k-5-15ubuntu-upgrade-linux-image-aws-64k-6-14ubuntu-upgrade-linux-image-aws-64k-6-8ubuntu-upgrade-linux-image-aws-64k-lts-22-04ubuntu-upgrade-linux-image-aws-64k-lts-24-04ubuntu-upgrade-linux-image-aws-fipsubuntu-upgrade-linux-image-aws-fips-5-15ubuntu-upgrade-linux-image-aws-fips-6-8ubuntu-upgrade-linux-image-aws-lts-22-04ubuntu-upgrade-linux-image-aws-lts-24-04ubuntu-upgrade-linux-image-azureubuntu-upgrade-linux-image-azure-5-15ubuntu-upgrade-linux-image-azure-6-14ubuntu-upgrade-linux-image-azure-6-8ubuntu-upgrade-linux-image-azure-cvmubuntu-upgrade-linux-image-azure-fipsubuntu-upgrade-linux-image-azure-fips-5-15ubuntu-upgrade-linux-image-azure-fips-6-8ubuntu-upgrade-linux-image-azure-lts-22-04ubuntu-upgrade-linux-image-azure-lts-24-04ubuntu-upgrade-linux-image-fipsubuntu-upgrade-linux-image-fips-5-15ubuntu-upgrade-linux-image-fips-6-8ubuntu-upgrade-linux-image-gcpubuntu-upgrade-linux-image-gcp-5-15ubuntu-upgrade-linux-image-gcp-6-14ubuntu-upgrade-linux-image-gcp-6-8ubuntu-upgrade-linux-image-gcp-64kubuntu-upgrade-linux-image-gcp-64k-6-14ubuntu-upgrade-linux-image-gcp-64k-6-8ubuntu-upgrade-linux-image-gcp-64k-lts-24-04ubuntu-upgrade-linux-image-gcp-fipsubuntu-upgrade-linux-image-gcp-fips-5-15ubuntu-upgrade-linux-image-gcp-fips-6-8ubuntu-upgrade-linux-image-gcp-lts-22-04ubuntu-upgrade-linux-image-gcp-lts-24-04ubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-5-15ubuntu-upgrade-linux-image-generic-6-14ubuntu-upgrade-linux-image-generic-6-8ubuntu-upgrade-linux-image-generic-64kubuntu-upgrade-linux-image-generic-64k-5-15ubuntu-upgrade-linux-image-generic-64k-6-14ubuntu-upgrade-linux-image-generic-64k-6-8ubuntu-upgrade-linux-image-generic-64k-hwe-22-04ubuntu-upgrade-linux-image-generic-64k-hwe-24-04ubuntu-upgrade-linux-image-generic-hwe-22-04ubuntu-upgrade-linux-image-generic-hwe-24-04ubuntu-upgrade-linux-image-generic-lpaeubuntu-upgrade-linux-image-generic-lpae-5-15ubuntu-upgrade-linux-image-gkeubuntu-upgrade-linux-image-gke-5-15ubuntu-upgrade-linux-image-gke-6-8ubuntu-upgrade-linux-image-gke-64kubuntu-upgrade-linux-image-gke-64k-6-8ubuntu-upgrade-linux-image-gkeopubuntu-upgrade-linux-image-gkeop-5-15ubuntu-upgrade-linux-image-gkeop-6-8ubuntu-upgrade-linux-image-ibmubuntu-upgrade-linux-image-ibm-5-15ubuntu-upgrade-linux-image-ibm-6-8ubuntu-upgrade-linux-image-ibm-classicubuntu-upgrade-linux-image-ibm-lts-24-04ubuntu-upgrade-linux-image-intelubuntu-upgrade-linux-image-intel-iot-realtimeubuntu-upgrade-linux-image-intel-iot-realtime-5-15ubuntu-upgrade-linux-image-intel-iotgubuntu-upgrade-linux-image-intel-iotg-5-15ubuntu-upgrade-linux-image-kvmubuntu-upgrade-linux-image-kvm-5-15ubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-5-15ubuntu-upgrade-linux-image-lowlatency-6-8ubuntu-upgrade-linux-image-lowlatency-64kubuntu-upgrade-linux-image-lowlatency-64k-5-15ubuntu-upgrade-linux-image-lowlatency-64k-6-8ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04ubuntu-upgrade-linux-image-lowlatency-hwe-20-04ubuntu-upgrade-linux-image-lowlatency-hwe-22-04ubuntu-upgrade-linux-image-nvidiaubuntu-upgrade-linux-image-nvidia-5-15ubuntu-upgrade-linux-image-nvidia-6-8ubuntu-upgrade-linux-image-nvidia-64kubuntu-upgrade-linux-image-nvidia-64k-6-8ubuntu-upgrade-linux-image-nvidia-64k-hwe-22-04ubuntu-upgrade-linux-image-nvidia-hwe-22-04ubuntu-upgrade-linux-image-nvidia-lowlatencyubuntu-upgrade-linux-image-nvidia-lowlatency-5-15ubuntu-upgrade-linux-image-nvidia-lowlatency-6-8ubuntu-upgrade-linux-image-nvidia-lowlatency-64kubuntu-upgrade-linux-image-nvidia-lowlatency-64k-6-8ubuntu-upgrade-linux-image-nvidia-tegraubuntu-upgrade-linux-image-nvidia-tegra-5-15ubuntu-upgrade-linux-image-nvidia-tegra-igxubuntu-upgrade-linux-image-nvidia-tegra-igx-5-15ubuntu-upgrade-linux-image-nvidia-tegra-igx-rtubuntu-upgrade-linux-image-nvidia-tegra-igx-rt-5-15ubuntu-upgrade-linux-image-nvidia-tegra-rtubuntu-upgrade-linux-image-nvidia-tegra-rt-5-15ubuntu-upgrade-linux-image-oem-22-04ubuntu-upgrade-linux-image-oem-22-04aubuntu-upgrade-linux-image-oem-22-04bubuntu-upgrade-linux-image-oem-22-04cubuntu-upgrade-linux-image-oem-22-04dubuntu-upgrade-linux-image-oem-24-04ubuntu-upgrade-linux-image-oem-24-04aubuntu-upgrade-linux-image-oem-6-14ubuntu-upgrade-linux-image-oracleubuntu-upgrade-linux-image-oracle-5-15ubuntu-upgrade-linux-image-oracle-6-14ubuntu-upgrade-linux-image-oracle-6-8ubuntu-upgrade-linux-image-oracle-64kubuntu-upgrade-linux-image-oracle-64k-6-14ubuntu-upgrade-linux-image-oracle-64k-6-8ubuntu-upgrade-linux-image-oracle-64k-lts-24-04ubuntu-upgrade-linux-image-oracle-lts-22-04ubuntu-upgrade-linux-image-oracle-lts-24-04ubuntu-upgrade-linux-image-raspiubuntu-upgrade-linux-image-raspi-5-15ubuntu-upgrade-linux-image-raspi-6-14ubuntu-upgrade-linux-image-raspi-6-8ubuntu-upgrade-linux-image-raspi-nolpaeubuntu-upgrade-linux-image-raspi-realtimeubuntu-upgrade-linux-image-raspi-realtime-6-8ubuntu-upgrade-linux-image-realtimeubuntu-upgrade-linux-image-realtime-5-15ubuntu-upgrade-linux-image-realtime-6-14ubuntu-upgrade-linux-image-realtime-6-8-1ubuntu-upgrade-linux-image-realtime-hwe-22-04ubuntu-upgrade-linux-image-realtime-hwe-24-04ubuntu-upgrade-linux-image-virtualubuntu-upgrade-linux-image-virtual-5-15ubuntu-upgrade-linux-image-virtual-6-14ubuntu-upgrade-linux-image-virtual-6-8ubuntu-upgrade-linux-image-virtual-hwe-22-04ubuntu-upgrade-linux-image-virtual-hwe-24-04ubuntu-upgrade-linux-image-xilinxubuntu-upgrade-linux-image-xilinx-6-8ubuntu-upgrade-linux-image-xilinx-zynqmpubuntu-upgrade-linux-image-xilinx-zynqmp-5-15

References

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report