{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-05T15:37:14.854","vulnerabilities":[{"cve":{"id":"CVE-2025-38643","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-08-22T16:15:38.417","lastModified":"2026-03-17T16:15:09.467","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac()\n\nCallers of wdev_chandef() must hold the wiphy mutex.\n\nBut the worker cfg80211_propagate_cac_done_wk() never takes the lock.\nWhich triggers the warning below with the mesh_peer_connected_dfs\ntest from hostapd and not (yet) released mac80211 code changes:\n\nWARNING: CPU: 0 PID: 495 at net/wireless/chan.c:1552 wdev_chandef+0x60/0x165\nModules linked in:\nCPU: 0 UID: 0 PID: 495 Comm: kworker/u4:2 Not tainted 6.14.0-rc5-wt-g03960e6f9d47 #33 13c287eeabfe1efea01c0bcc863723ab082e17cf\nWorkqueue: cfg80211 cfg80211_propagate_cac_done_wk\nStack:\n 00000000 00000001 ffffff00 6093267c\n 00000000 6002ec30 6d577c50 60037608\n 00000000 67e8d108 6063717b 00000000\nCall Trace:\n [<6002ec30>] ? _printk+0x0/0x98\n [<6003c2b3>] show_stack+0x10e/0x11a\n [<6002ec30>] ? _printk+0x0/0x98\n [<60037608>] dump_stack_lvl+0x71/0xb8\n [<6063717b>] ? wdev_chandef+0x60/0x165\n [<6003766d>] dump_stack+0x1e/0x20\n [<6005d1b7>] __warn+0x101/0x20f\n [<6005d3a8>] warn_slowpath_fmt+0xe3/0x15d\n [<600b0c5c>] ? mark_lock.part.0+0x0/0x4ec\n [<60751191>] ? __this_cpu_preempt_check+0x0/0x16\n [<600b11a2>] ? mark_held_locks+0x5a/0x6e\n [<6005d2c5>] ? warn_slowpath_fmt+0x0/0x15d\n [<60052e53>] ? unblock_signals+0x3a/0xe7\n [<60052f2d>] ? um_set_signals+0x2d/0x43\n [<60751191>] ? __this_cpu_preempt_check+0x0/0x16\n [<607508b2>] ? lock_is_held_type+0x207/0x21f\n [<6063717b>] wdev_chandef+0x60/0x165\n [<605f89b4>] regulatory_propagate_dfs_state+0x247/0x43f\n [<60052f00>] ? um_set_signals+0x0/0x43\n [<605e6bfd>] cfg80211_propagate_cac_done_wk+0x3a/0x4a\n [<6007e460>] process_scheduled_works+0x3bc/0x60e\n [<6007d0ec>] ? move_linked_works+0x4d/0x81\n [<6007d120>] ? assign_work+0x0/0xaa\n [<6007f81f>] worker_thread+0x220/0x2dc\n [<600786ef>] ? set_pf_worker+0x0/0x57\n [<60087c96>] ? to_kthread+0x0/0x43\n [<6008ab3c>] kthread+0x2d3/0x2e2\n [<6007f5ff>] ? worker_thread+0x0/0x2dc\n [<6006c05b>] ? calculate_sigpending+0x0/0x56\n [<6003b37d>] new_thread_handler+0x4a/0x64\nirq event stamp: 614611\nhardirqs last  enabled at (614621): [<00000000600bc96b>] __up_console_sem+0x82/0xaf\nhardirqs last disabled at (614630): [<00000000600bc92c>] __up_console_sem+0x43/0xaf\nsoftirqs last  enabled at (614268): [<00000000606c55c6>] __ieee80211_wake_queue+0x933/0x985\nsoftirqs last disabled at (614266): [<00000000606c52d6>] __ieee80211_wake_queue+0x643/0x985"},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: cfg80211: Se ha añadido un bloqueo faltante en cfg80211_check_and_end_cac(). Quienes llaman a wdev_chandef() deben mantener el mutex de wiphy. Sin embargo, el trabajador cfg80211_propagate_cac_done_wk() nunca asume el bloqueo. Lo que activa la advertencia a continuación con la prueba mesh_peer_connected_dfs de hostapd y los cambios de código mac80211 no publicados (aún): ADVERTENCIA: CPU: 0 PID: 495 en net/wireless/chan.c:1552 wdev_chandef+0x60/0x165 Módulos vinculados: CPU: 0 UID: 0 PID: 495 Comm: kworker/u4:2 No contaminado 6.14.0-rc5-wt-g03960e6f9d47 #33 13c287eeabfe1efea01c0bcc863723ab082e17cf Cola de trabajo: cfg80211 cfg80211_propagate_cac_done_wk Pila: 00000000 00000001 ffffff00 6093267c 00000000 6002ec30 6d577c50 60037608 00000000 67e8d108 6063717b 00000000 Rastreo de llamadas: [&lt;6002ec30&gt;] ? _printk+0x0/0x98 [&lt;6003c2b3&gt;] show_stack+0x10e/0x11a [&lt;6002ec30&gt;] ? _printk+0x0/0x98 [&lt;60037608&gt;] dump_stack_lvl+0x71/0xb8 [&lt;6063717b&gt;] ? __warn+0x101/0x20f [&lt;6005d3a8&gt;] warn_slowpath_fmt+0xe3/0x15d [&lt;600b0c5c&gt;] ? mark_lock.part.0+0x0/0x4ec [&lt;60751191&gt;] ? __this_cpu_preempt_check+0x0/0x16 [&lt;600b11a2&gt;] ? mark_held_locks+0x5a/0x6e [&lt;6005d2c5&gt;] ? warn_slowpath_fmt+0x0/0x15d [&lt;60052e53&gt;] ? unblock_signals+0x3a/0xe7 [&lt;60052f2d&gt;] ? um_set_signals+0x2d/0x43 [&lt;60751191&gt;] ? __this_cpu_preempt_check+0x0/0x16 [&lt;607508b2&gt;] ? lock_is_held_type+0x207/0x21f [&lt;6063717b&gt;] wdev_chandef+0x60/0x165 [&lt;605f89b4&gt;] regulatory_propagate_dfs_state+0x247/0x43f [&lt;60052f00&gt;] ? um_set_signals+0x0/0x43 [&lt;605e6bfd&gt;] cfg80211_propagate_cac_done_wk+0x3a/0x4a [&lt;6007e460&gt;] proceso_trabajos_programados+0x3bc/0x60e [&lt;6007d0ec&gt;] ? mover_trabajos_vinculados+0x4d/0x81 [&lt;6007d120&gt;] ? asignar_trabajo+0x0/0xaa [&lt;6007f81f&gt;] subproceso_trabajador+0x220/0x2dc [&lt;600786ef&gt;] ? establecer_pf_trabajador+0x0/0x57 [&lt;60087c96&gt;] ? hilo_trabajador+0x0/0x2dc [&lt;6006c05b&gt;] ? calculate_sigpending+0x0/0x56 [&lt;6003b37d&gt;] new_thread_handler+0x4a/0x64 marca de evento de irq: 614611 hardirqs habilitados por última vez en (614621): [&lt;00000000600bc96b&gt;] __up_console_sem+0x82/0xaf hardirqs deshabilitados por última vez en (614630): [&lt;00000000600bc92c&gt;] __up_console_sem+0x43/0xaf softirqs habilitados por última vez en (614268): [&lt;00000000606c55c6&gt;] __ieee80211_wake_queue+0x933/0x985 softirqs deshabilitados por última vez en (614266): [&lt;00000000606c52d6&gt;] __ieee80211_wake_queue+0x643/0x985"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-667"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14.170","versionEndExcluding":"4.15","matchCriteriaId":"483F0C55-BD7E-4F22-87FA-B7E925185143"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19.102","versionEndExcluding":"4.20","matchCriteriaId":"F43F85CE-735B-484D-A9C8-92AED3BFF162"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4.18","versionEndExcluding":"5.5","matchCriteriaId":"96F6F65F-C278-4ADA-9DFF-7B7DE2F5E450"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5.1","versionEndExcluding":"6.6.118","matchCriteriaId":"901C09B3-81A4-4D6D-AB94-021EEC612417"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.57","matchCriteriaId":"32D87516-EE2C-40AC-B9CD-56534A895341"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.15.10","matchCriteriaId":"5890C690-B295-40C2-9121-FF5F987E5142"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.16","versionEndExcluding":"6.16.1","matchCriteriaId":"58182352-D7DF-4CC9-841E-03C1D852C3FB"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.5:-:*:*:*:*:*:*","matchCriteriaId":"EE98F46A-F7D9-4609-B6A0-882E7F0D378C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.5:rc7:*:*:*:*:*:*","matchCriteriaId":"3444D854-CE07-4D25-827A-ECF7BB58EA2D"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/2c5dee15239f3f3e31aa5c8808f18996c039e2c1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4a63523d3541eef4cf504a9682e6fbe94ffe79a6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7022df2248c08c6f75a01714163ac902333bf3db","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b3d24038eb775f2f7a1dfef58d8e1dc444a12820","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/dbce810607726408f889d3358f4780fd1436861e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/defe9ce121160788547e8e6ec4438ad8a14f40dd","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}