{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-07T14:53:59.547","vulnerabilities":[{"cve":{"id":"CVE-2025-37944","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-05-20T16:15:32.310","lastModified":"2025-11-17T12:57:39.790","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process\n\nCurrently, ath12k_dp_mon_srng_process uses ath12k_hal_srng_src_get_next_entry\nto fetch the next entry from the destination ring. This is incorrect because\nath12k_hal_srng_src_get_next_entry is intended for source rings, not destination\nrings. This leads to invalid entry fetches, causing potential data corruption or\ncrashes due to accessing incorrect memory locations. This happens because the\nsource ring and destination ring have different handling mechanisms and using\nthe wrong function results in incorrect pointer arithmetic and ring management.\n\nTo fix this issue, replace the call to ath12k_hal_srng_src_get_next_entry with\nath12k_hal_srng_dst_get_next_entry in ath12k_dp_mon_srng_process. This ensures\nthat the correct function is used for fetching entries from the destination\nring, preventing invalid memory accesses.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1\nTested-on: WCN7850 hw2.0 WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3"},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: ath12k: Se corrige la obtención de entrada no válida en ath12k_dp_mon_srng_process Actualmente, ath12k_dp_mon_srng_process usa ath12k_hal_srng_src_get_next_entry para obtener la siguiente entrada del anillo de destino. Esto es incorrecto porque ath12k_hal_srng_src_get_next_entry está diseñado para anillos de origen, no de destino. Esto conduce a la obtención de entradas no válidas, lo que puede causar corrupción de datos o bloqueos debido al acceso a ubicaciones de memoria incorrectas. Esto sucede porque el anillo de origen y el anillo de destino tienen diferentes mecanismos de manejo y el uso de la función incorrecta da como resultado una aritmética de punteros y una gestión del anillo incorrectas. Para solucionar este problema, reemplace la llamada a ath12k_hal_srng_src_get_next_entry por ath12k_hal_srng_dst_get_next_entry en ath12k_dp_mon_srng_process. Esto garantiza que se utilice la función correcta para obtener entradas del anillo de destino, evitando accesos no válidos a la memoria. Probado en: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1. Probado en: WCN7850 hw2.0 WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.3","versionEndExcluding":"6.6.88","matchCriteriaId":"E490AC3E-4FCB-404E-B82F-0DE1390D06A2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.25","matchCriteriaId":"8E59EE65-FA6B-4AE4-8125-26135E28BF35"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.13.12","matchCriteriaId":"4A475784-BF3B-4514-81EE-49C8522FB24A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.14","versionEndExcluding":"6.14.4","matchCriteriaId":"5722F93B-F696-460E-B30C-6757CB22FAB4"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/298f0aea5cb32b5038f991f5db201a0fcbb9a31b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2c512f2eadabb1e80816116894ffaf7d802a944e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/63fdc4509bcf483e79548de6bc08bf3c8e504bb3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ab7edf42ce800eb34d2f73dd7271b826661a06a5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b6a3b2b2cead103089d3bb7a57d8209bdfa5399d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}