CVE-2025-38013
📋 TL;DR
CVE-2025-38013 is a Linux kernel vulnerability in the WiFi subsystem in which an uninitialized memory pointer in the cfg80211_scan_request structure can cause an out-of-bounds array index access during WiFi scanning operations. It affects Linux systems with WiFi capabilities and can lead to kernel crashes or potential privilege escalation. The vulnerability was discovered through syzkaller fuzzing.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash, or potential privilege escalation to kernel mode allowing full system compromise.
Likely Case
System instability, kernel crashes, or denial of service when WiFi scanning operations are performed.
If Mitigated
System remains stable with proper patching; unpatched systems may experience crashes during WiFi operations.
🎯 Exploit Status
Exploitation requires local access and ability to trigger WiFi scanning operations; discovered through syzkaller fuzzing.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patches available in stable kernel branches (commits: 07c737d9ab02c07b562aefcca16aa95077368e24, 82bbe02b2500ef0a62053fe2eb84773fe31c5a0a, e3192e999a0d05ea0ba2c59c09afaf0b8ee70b81, fde33ab3c052a302ee8a0b739094b88ceae4dd67)
Vendor Advisory: https://git.kernel.org/stable/c/07c737d9ab02c07b562aefcca16aa95077368e24
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution's repositories.
2. Reboot system to load new kernel.
3. Verify kernel version after reboot.
🔧 Temporary Workarounds
Disable WiFi scanning
Prevent WiFi scanning operations that trigger the vulnerability
# Disable WiFi interface
sudo ip link set wlan0 down
# Or disable WiFi module
sudo modprobe -r <wifi_driver_module>
🧯 If You Can't Patch
- Disable WiFi functionality on affected systems
- Implement strict access controls to prevent unauthorized users from triggering WiFi operations
🔍 How to Verify
Check if Vulnerable:
Check the kernel version and compare it with the patched versions from your distribution vendor; systems with WiFi capabilities and unpatched kernels are vulnerable.
Check Version:
uname -r
Verify Fix Applied:
Check that the kernel version after the update matches the patched version; verify system stability during WiFi scanning operations.
📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- UBSAN array-index-out-of-bounds errors in dmesg
- WiFi scanning failures
Network Indicators:
- Unusual WiFi scanning patterns from single host
SIEM Query:
Search for 'UBSAN: array-index-out-of-bounds' OR 'mac80211 scan.c' in kernel logs
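The log indicators above can be triaged with a small script that pairs each UBSAN array-index-out-of-bounds header with its index line and flags reports located in mac80211 scan.c. This is an added example, not part of the original advisory; the function names, the sample log lines and the source line numbers in them are constructed for illustration.

```sh
# Summarise UBSAN array-index-out-of-bounds reports from kernel log text on
# stdin, one line per report: "<source location> index=<n> <tag>".
ubsan_reports() {
    awk '
    function emit() {
        tag = (loc ~ /mac80211\/scan\.c/) ? "mac80211-scan" : "other"
        printf "%s index=%s %s\n", loc, idx, tag
        loc = ""; idx = "?"
    }
    BEGIN { idx = "?" }
    /UBSAN: array-index-out-of-bounds in / {
        if (loc != "") emit()      # previous report had no index line
        loc = $0
        sub(/.*UBSAN: array-index-out-of-bounds in /, "", loc)
        next
    }
    loc != "" && /index -?[0-9]+ is out of range/ {
        idx = $0
        sub(/.*index /, "", idx)
        sub(/ is out of range.*/, "", idx)
        emit()
    }
    END { if (loc != "") emit() }
    '
}

# Count of reports located in mac80211 scan.c; non-zero warrants triage.
scan_hits() { ubsan_reports | grep -c 'mac80211-scan$' || true; }

# Constructed sample lines in dmesg format (not taken from a real system).
sample_log() {
cat <<'EOF'
[  101.000001] wlan0: authenticated
[  214.530112] UBSAN: array-index-out-of-bounds in net/mac80211/scan.c:1000:5
[  214.530140] index 0 is out of range for type 'struct ieee80211_channel *[]'
[  214.530171] CPU: 1 PID: 4242 Comm: example Not tainted
[  388.100450] UBSAN: array-index-out-of-bounds in drivers/example/foo.c:77:9
[  388.100466] index 12 is out of range for type 'int [8]'
EOF
}

sample_log | ubsan_reports
echo "mac80211 scan.c reports: $(sample_log | scan_hits)"
```

On a live host, pipe `dmesg` or `journalctl -k` output into `ubsan_reports` in place of `sample_log`.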