{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T07:23:59.282","vulnerabilities":[{"cve":{"id":"CVE-2025-39991","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-10-15T08:15:37.197","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load()\n\nIf ab->fw.m3_data points to data, then fw pointer remains null.\nFurther, if m3_mem is not allocated, then fw is dereferenced to be\npassed to ath11k_err function.\n\nReplace fw->size by m3_len.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."}],"metrics":{},"references":[{"url":"https://git.kernel.org/stable/c/1f52119809b76d43759fc47da1cf708690b740a1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/3fd2ef2ae2b5c955584a3bee8e83ae7d7a98f782","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/500fcc31e488d798937a23dbb1f62db46820c5b2","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/888830b2cbc035838bebefe94502976da94332a5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"}]}}]}