{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-38643", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T04:51:24.030Z", "datePublished": "2025-08-22T16:00:49.172Z", "dateUpdated": "2026-05-11T21:32:11.270Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T21:32:11.270Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac()\n\nCallers of wdev_chandef() must hold the wiphy mutex.\n\nBut the worker cfg80211_propagate_cac_done_wk() never takes the lock.\nWhich triggers the warning below with the mesh_peer_connected_dfs\ntest from hostapd and not (yet) released mac80211 code changes:\n\nWARNING: CPU: 0 PID: 495 at net/wireless/chan.c:1552 wdev_chandef+0x60/0x165\nModules linked in:\nCPU: 0 UID: 0 PID: 495 Comm: kworker/u4:2 Not tainted 6.14.0-rc5-wt-g03960e6f9d47 #33 13c287eeabfe1efea01c0bcc863723ab082e17cf\nWorkqueue: cfg80211 cfg80211_propagate_cac_done_wk\nStack:\n 00000000 00000001 ffffff00 6093267c\n 00000000 6002ec30 6d577c50 60037608\n 00000000 67e8d108 6063717b 00000000\nCall Trace:\n [<6002ec30>] ? _printk+0x0/0x98\n [<6003c2b3>] show_stack+0x10e/0x11a\n [<6002ec30>] ? _printk+0x0/0x98\n [<60037608>] dump_stack_lvl+0x71/0xb8\n [<6063717b>] ? wdev_chandef+0x60/0x165\n [<6003766d>] dump_stack+0x1e/0x20\n [<6005d1b7>] __warn+0x101/0x20f\n [<6005d3a8>] warn_slowpath_fmt+0xe3/0x15d\n [<600b0c5c>] ? mark_lock.part.0+0x0/0x4ec\n [<60751191>] ? __this_cpu_preempt_check+0x0/0x16\n [<600b11a2>] ? mark_held_locks+0x5a/0x6e\n [<6005d2c5>] ? warn_slowpath_fmt+0x0/0x15d\n [<60052e53>] ? unblock_signals+0x3a/0xe7\n [<60052f2d>] ? um_set_signals+0x2d/0x43\n [<60751191>] ? __this_cpu_preempt_check+0x0/0x16\n [<607508b2>] ? lock_is_held_type+0x207/0x21f\n [<6063717b>] wdev_chandef+0x60/0x165\n [<605f89b4>] regulatory_propagate_dfs_state+0x247/0x43f\n [<60052f00>] ? um_set_signals+0x0/0x43\n [<605e6bfd>] cfg80211_propagate_cac_done_wk+0x3a/0x4a\n [<6007e460>] process_scheduled_works+0x3bc/0x60e\n [<6007d0ec>] ? move_linked_works+0x4d/0x81\n [<6007d120>] ? assign_work+0x0/0xaa\n [<6007f81f>] worker_thread+0x220/0x2dc\n [<600786ef>] ? set_pf_worker+0x0/0x57\n [<60087c96>] ? to_kthread+0x0/0x43\n [<6008ab3c>] kthread+0x2d3/0x2e2\n [<6007f5ff>] ? worker_thread+0x0/0x2dc\n [<6006c05b>] ? calculate_sigpending+0x0/0x56\n [<6003b37d>] new_thread_handler+0x4a/0x64\nirq event stamp: 614611\nhardirqs last enabled at (614621): [<00000000600bc96b>] __up_console_sem+0x82/0xaf\nhardirqs last disabled at (614630): [<00000000600bc92c>] __up_console_sem+0x43/0xaf\nsoftirqs last enabled at (614268): [<00000000606c55c6>] __ieee80211_wake_queue+0x933/0x985\nsoftirqs last disabled at (614266): [<00000000606c52d6>] __ieee80211_wake_queue+0x643/0x985"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/wireless/reg.c"], "versions": [{"version": "26ec17a1dc5ecdd8d91aba63ead6f8b5ad5dea0d", "lessThan": "defe9ce121160788547e8e6ec4438ad8a14f40dd", "status": "affected", "versionType": "git"}, {"version": "26ec17a1dc5ecdd8d91aba63ead6f8b5ad5dea0d", "lessThan": "b3d24038eb775f2f7a1dfef58d8e1dc444a12820", "status": "affected", "versionType": "git"}, {"version": "26ec17a1dc5ecdd8d91aba63ead6f8b5ad5dea0d", "lessThan": "4a63523d3541eef4cf504a9682e6fbe94ffe79a6", "status": "affected", "versionType": "git"}, {"version": "26ec17a1dc5ecdd8d91aba63ead6f8b5ad5dea0d", "lessThan": "7022df2248c08c6f75a01714163ac902333bf3db", "status": "affected", "versionType": "git"}, {"version": "26ec17a1dc5ecdd8d91aba63ead6f8b5ad5dea0d", "lessThan": "dbce810607726408f889d3358f4780fd1436861e", "status": "affected", "versionType": "git"}, {"version": "26ec17a1dc5ecdd8d91aba63ead6f8b5ad5dea0d", "lessThan": "2c5dee15239f3f3e31aa5c8808f18996c039e2c1", "status": "affected", "versionType": "git"}, {"version": "2dbb6faebb94d6d5ae87e5ea6be9280c366393e1", "status": "affected", "versionType": "git"}, {"version": "a4f85674e4693904ade7cbf6722d0d105d8062d8", "status": "affected", "versionType": "git"}, {"version": "e233cbaf8ecc5859f0417dd53899da4edb477991", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/wireless/reg.c"], "versions": [{"version": "5.5", "status": "affected"}, {"version": "0", "lessThan": "5.5", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.164", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.118", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.57", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.15.10", "lessThanOrEqual": "6.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.16.1", "lessThanOrEqual": "6.16.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.17", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.5", "versionEndExcluding": "6.1.164"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.5", "versionEndExcluding": "6.6.118"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.5", "versionEndExcluding": "6.12.57"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.5", "versionEndExcluding": "6.15.10"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.5", "versionEndExcluding": "6.16.1"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.5", "versionEndExcluding": "6.17"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.14.170"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19.102"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4.18"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/defe9ce121160788547e8e6ec4438ad8a14f40dd"}, {"url": "https://git.kernel.org/stable/c/b3d24038eb775f2f7a1dfef58d8e1dc444a12820"}, {"url": "https://git.kernel.org/stable/c/4a63523d3541eef4cf504a9682e6fbe94ffe79a6"}, {"url": "https://git.kernel.org/stable/c/7022df2248c08c6f75a01714163ac902333bf3db"}, {"url": "https://git.kernel.org/stable/c/dbce810607726408f889d3358f4780fd1436861e"}, {"url": "https://git.kernel.org/stable/c/2c5dee15239f3f3e31aa5c8808f18996c039e2c1"}], "title": "wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac()", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "483F0C55-BD7E-4F22-87FA-B7E925185143", "versionEndExcluding": "4.15", "versionStartIncluding": "4.14.170", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "F43F85CE-735B-484D-A9C8-92AED3BFF162", "versionEndExcluding": "4.20", "versionStartIncluding": "4.19.102", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "96F6F65F-C278-4ADA-9DFF-7B7DE2F5E450", "versionEndExcluding": "5.5", "versionStartIncluding": "5.4.18", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "901C09B3-81A4-4D6D-AB94-021EEC612417", "versionEndExcluding": "6.6.118", "versionStartIncluding": "5.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "32D87516-EE2C-40AC-B9CD-56534A895341", "versionEndExcluding": "6.12.57", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5890C690-B295-40C2-9121-FF5F987E5142", "versionEndExcluding": "6.15.10", "versionStartIncluding": "6.13", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "58182352-D7DF-4CC9-841E-03C1D852C3FB", "versionEndExcluding": "6.16.1", "versionStartIncluding": "6.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.5:-:*:*:*:*:*:*", "matchCriteriaId": "EE98F46A-F7D9-4609-B6A0-882E7F0D378C", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.5:rc7:*:*:*:*:*:*", "matchCriteriaId": "3444D854-CE07-4D25-827A-ECF7BB58EA2D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac()\n\nCallers of wdev_chandef() must hold the wiphy mutex.\n\nBut the worker cfg80211_propagate_cac_done_wk() never takes the lock.\nWhich triggers the warning below with the mesh_peer_connected_dfs\ntest from hostapd and not (yet) released mac80211 code changes:\n\nWARNING: CPU: 0 PID: 495 at net/wireless/chan.c:1552 wdev_chandef+0x60/0x165\nModules linked in:\nCPU: 0 UID: 0 PID: 495 Comm: kworker/u4:2 Not tainted 6.14.0-rc5-wt-g03960e6f9d47 #33 13c287eeabfe1efea01c0bcc863723ab082e17cf\nWorkqueue: cfg80211 cfg80211_propagate_cac_done_wk\nStack:\n 00000000 00000001 ffffff00 6093267c\n 00000000 6002ec30 6d577c50 60037608\n 00000000 67e8d108 6063717b 00000000\nCall Trace:\n [<6002ec30>] ? _printk+0x0/0x98\n [<6003c2b3>] show_stack+0x10e/0x11a\n [<6002ec30>] ? _printk+0x0/0x98\n [<60037608>] dump_stack_lvl+0x71/0xb8\n [<6063717b>] ? wdev_chandef+0x60/0x165\n [<6003766d>] dump_stack+0x1e/0x20\n [<6005d1b7>] __warn+0x101/0x20f\n [<6005d3a8>] warn_slowpath_fmt+0xe3/0x15d\n [<600b0c5c>] ? mark_lock.part.0+0x0/0x4ec\n [<60751191>] ? __this_cpu_preempt_check+0x0/0x16\n [<600b11a2>] ? mark_held_locks+0x5a/0x6e\n [<6005d2c5>] ? warn_slowpath_fmt+0x0/0x15d\n [<60052e53>] ? unblock_signals+0x3a/0xe7\n [<60052f2d>] ? um_set_signals+0x2d/0x43\n [<60751191>] ? __this_cpu_preempt_check+0x0/0x16\n [<607508b2>] ? lock_is_held_type+0x207/0x21f\n [<6063717b>] wdev_chandef+0x60/0x165\n [<605f89b4>] regulatory_propagate_dfs_state+0x247/0x43f\n [<60052f00>] ? um_set_signals+0x0/0x43\n [<605e6bfd>] cfg80211_propagate_cac_done_wk+0x3a/0x4a\n [<6007e460>] process_scheduled_works+0x3bc/0x60e\n [<6007d0ec>] ? move_linked_works+0x4d/0x81\n [<6007d120>] ? assign_work+0x0/0xaa\n [<6007f81f>] worker_thread+0x220/0x2dc\n [<600786ef>] ? set_pf_worker+0x0/0x57\n [<60087c96>] ? to_kthread+0x0/0x43\n [<6008ab3c>] kthread+0x2d3/0x2e2\n [<6007f5ff>] ? worker_thread+0x0/0x2dc\n [<6006c05b>] ? calculate_sigpending+0x0/0x56\n [<6003b37d>] new_thread_handler+0x4a/0x64\nirq event stamp: 614611\nhardirqs last enabled at (614621): [<00000000600bc96b>] __up_console_sem+0x82/0xaf\nhardirqs last disabled at (614630): [<00000000600bc92c>] __up_console_sem+0x43/0xaf\nsoftirqs last enabled at (614268): [<00000000606c55c6>] __ieee80211_wake_queue+0x933/0x985\nsoftirqs last disabled at (614266): [<00000000606c52d6>] __ieee80211_wake_queue+0x643/0x985"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: cfg80211: Se ha a\u00f1adido un bloqueo faltante en cfg80211_check_and_end_cac(). Quienes llaman a wdev_chandef() deben mantener el mutex de wiphy. Sin embargo, el trabajador cfg80211_propagate_cac_done_wk() nunca asume el bloqueo. Lo que activa la advertencia a continuaci\u00f3n con la prueba mesh_peer_connected_dfs de hostapd y los cambios de c\u00f3digo mac80211 no publicados (a\u00fan): ADVERTENCIA: CPU: 0 PID: 495 en net/wireless/chan.c:1552 wdev_chandef+0x60/0x165 M\u00f3dulos vinculados: CPU: 0 UID: 0 PID: 495 Comm: kworker/u4:2 No contaminado 6.14.0-rc5-wt-g03960e6f9d47 #33 13c287eeabfe1efea01c0bcc863723ab082e17cf Cola de trabajo: cfg80211 cfg80211_propagate_cac_done_wk Pila: 00000000 00000001 ffffff00 6093267c 00000000 6002ec30 6d577c50 60037608 00000000 67e8d108 6063717b 00000000 Rastreo de llamadas: [&lt;6002ec30&gt;] ? _printk+0x0/0x98 [&lt;6003c2b3&gt;] show_stack+0x10e/0x11a [&lt;6002ec30&gt;] ? _printk+0x0/0x98 [&lt;60037608&gt;] dump_stack_lvl+0x71/0xb8 [&lt;6063717b&gt;] ? __warn+0x101/0x20f [&lt;6005d3a8&gt;] warn_slowpath_fmt+0xe3/0x15d [&lt;600b0c5c&gt;] ? mark_lock.part.0+0x0/0x4ec [&lt;60751191&gt;] ? __this_cpu_preempt_check+0x0/0x16 [&lt;600b11a2&gt;] ? mark_held_locks+0x5a/0x6e [&lt;6005d2c5&gt;] ? warn_slowpath_fmt+0x0/0x15d [&lt;60052e53&gt;] ? unblock_signals+0x3a/0xe7 [&lt;60052f2d&gt;] ? um_set_signals+0x2d/0x43 [&lt;60751191&gt;] ? __this_cpu_preempt_check+0x0/0x16 [&lt;607508b2&gt;] ? lock_is_held_type+0x207/0x21f [&lt;6063717b&gt;] wdev_chandef+0x60/0x165 [&lt;605f89b4&gt;] regulatory_propagate_dfs_state+0x247/0x43f [&lt;60052f00&gt;] ? um_set_signals+0x0/0x43 [&lt;605e6bfd&gt;] cfg80211_propagate_cac_done_wk+0x3a/0x4a [&lt;6007e460&gt;] proceso_trabajos_programados+0x3bc/0x60e [&lt;6007d0ec&gt;] ? mover_trabajos_vinculados+0x4d/0x81 [&lt;6007d120&gt;] ? asignar_trabajo+0x0/0xaa [&lt;6007f81f&gt;] subproceso_trabajador+0x220/0x2dc [&lt;600786ef&gt;] ? establecer_pf_trabajador+0x0/0x57 [&lt;60087c96&gt;] ? hilo_trabajador+0x0/0x2dc [&lt;6006c05b&gt;] ? calculate_sigpending+0x0/0x56 [&lt;6003b37d&gt;] new_thread_handler+0x4a/0x64 marca de evento de irq: 614611 hardirqs habilitados por \u00faltima vez en (614621): [&lt;00000000600bc96b&gt;] __up_console_sem+0x82/0xaf hardirqs deshabilitados por \u00faltima vez en (614630): [&lt;00000000600bc92c&gt;] __up_console_sem+0x43/0xaf softirqs habilitados por \u00faltima vez en (614268): [&lt;00000000606c55c6&gt;] __ieee80211_wake_queue+0x933/0x985 softirqs deshabilitados por \u00faltima vez en (614266): [&lt;00000000606c52d6&gt;] __ieee80211_wake_queue+0x643/0x985"}], "id": "CVE-2025-38643", "lastModified": "2026-03-17T16:15:09.467", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-08-22T16:15:38.417", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2c5dee15239f3f3e31aa5c8808f18996c039e2c1"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/4a63523d3541eef4cf504a9682e6fbe94ffe79a6"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/7022df2248c08c6f75a01714163ac902333bf3db"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b3d24038eb775f2f7a1dfef58d8e1dc444a12820"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/dbce810607726408f889d3358f4780fd1436861e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/defe9ce121160788547e8e6ec4438ad8a14f40dd"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-667"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac()", "id": "2390401", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2390401"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nwifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac()\nCallers of wdev_chandef() must hold the wiphy mutex.\nBut the worker cfg80211_propagate_cac_done_wk() never takes the lock.\nWhich triggers the warning below with the mesh_peer_connected_dfs\ntest from hostapd and not (yet) released mac80211 code changes:\nWARNING: CPU: 0 PID: 495 at net/wireless/chan.c:1552 wdev_chandef+0x60/0x165\nModules linked in:\nCPU: 0 UID: 0 PID: 495 Comm: kworker/u4:2 Not tainted 6.14.0-rc5-wt-g03960e6f9d47 #33 13c287eeabfe1efea01c0bcc863723ab082e17cf\nWorkqueue: cfg80211 cfg80211_propagate_cac_done_wk\nStack:\n00000000 00000001 ffffff00 6093267c\n00000000 6002ec30 6d577c50 60037608\n00000000 67e8d108 6063717b 00000000\nCall Trace:\n[<6002ec30>] ? _printk+0x0/0x98\n[<6003c2b3>] show_stack+0x10e/0x11a\n[<6002ec30>] ? _printk+0x0/0x98\n[<60037608>] dump_stack_lvl+0x71/0xb8\n[<6063717b>] ? wdev_chandef+0x60/0x165\n[<6003766d>] dump_stack+0x1e/0x20\n[<6005d1b7>] __warn+0x101/0x20f\n[<6005d3a8>] warn_slowpath_fmt+0xe3/0x15d\n[<600b0c5c>] ? mark_lock.part.0+0x0/0x4ec\n[<60751191>] ? __this_cpu_preempt_check+0x0/0x16\n[<600b11a2>] ? mark_held_locks+0x5a/0x6e\n[<6005d2c5>] ? warn_slowpath_fmt+0x0/0x15d\n[<60052e53>] ? unblock_signals+0x3a/0xe7\n[<60052f2d>] ? um_set_signals+0x2d/0x43\n[<60751191>] ? __this_cpu_preempt_check+0x0/0x16\n[<607508b2>] ? lock_is_held_type+0x207/0x21f\n[<6063717b>] wdev_chandef+0x60/0x165\n[<605f89b4>] regulatory_propagate_dfs_state+0x247/0x43f\n[<60052f00>] ? um_set_signals+0x0/0x43\n[<605e6bfd>] cfg80211_propagate_cac_done_wk+0x3a/0x4a\n[<6007e460>] process_scheduled_works+0x3bc/0x60e\n[<6007d0ec>] ? move_linked_works+0x4d/0x81\n[<6007d120>] ? assign_work+0x0/0xaa\n[<6007f81f>] worker_thread+0x220/0x2dc\n[<600786ef>] ? set_pf_worker+0x0/0x57\n[<60087c96>] ? to_kthread+0x0/0x43\n[<6008ab3c>] kthread+0x2d3/0x2e2\n[<6007f5ff>] ? worker_thread+0x0/0x2dc\n[<6006c05b>] ? calculate_sigpending+0x0/0x56\n[<6003b37d>] new_thread_handler+0x4a/0x64\nirq event stamp: 614611\nhardirqs last enabled at (614621): [<00000000600bc96b>] __up_console_sem+0x82/0xaf\nhardirqs last disabled at (614630): [<00000000600bc92c>] __up_console_sem+0x43/0xaf\nsoftirqs last enabled at (614268): [<00000000606c55c6>] __ieee80211_wake_queue+0x933/0x985\nsoftirqs last disabled at (614266): [<00000000606c52d6>] __ieee80211_wake_queue+0x643/0x985"], "name": "CVE-2025-38643", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-08-22T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-38643\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-38643\nhttps://lore.kernel.org/linux-cve-announce/2025082235-CVE-2025-38643-a281@gregkh/T"], "threat_severity": "Low"}

{"created": "2025-08-23T10:55:24.272034+00:00", "updated": "2025-08-23T10:55:24.272086+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}