CVE-2025-38601

5.5 MEDIUM

📋 TL;DR

A use-after-free vulnerability in the Linux kernel's ath11k WiFi driver allows kernel memory corruption when the driver fails to properly clear initialization flags during crash recovery. This affects Linux systems using Qualcomm Atheros ath11k WiFi hardware. The vulnerability can lead to kernel panics and system crashes.

💻 Affected Systems

Products:
  • Linux kernel with ath11k WiFi driver
Versions: Linux kernel versions containing vulnerable ath11k driver code before the fix commits
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with Qualcomm Atheros ath11k WiFi hardware. Vulnerability triggers during crash recovery when system resumes from suspend.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case

Kernel panic leading to system crash and denial of service, potentially requiring physical access to restart affected systems.

🟠 Likely Case

System instability and crashes during WiFi driver crash recovery scenarios, particularly when resuming from suspend states.

🟢 If Mitigated

Minor system instability that may require manual intervention to recover WiFi functionality.

🌐 Internet-Facing: LOW - Requires local system access and specific hardware/driver configuration.
🏢 Internal Only: MEDIUM - Affects Linux systems with ath11k WiFi hardware, particularly laptops and mobile devices that frequently suspend/resume.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires specific hardware and driver state during crash recovery. No known public exploits.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Linux kernel versions containing commits 0ebb5fe494501c19f31270008b26ab95201af6fd, 16872194c80f2724472fc207991712895ac8a230, 3a6daae987a829534636fd85ed6f84d5f0ad7fa4, 5bf201c55fdf303e79005038648dfa1e8af48f54, or 72a48be1f53942793f3bc68a37fad1f38b53b082

Vendor Advisory: https://git.kernel.org/stable/c/0ebb5fe494501c19f31270008b26ab95201af6fd

Restart Required: No

Instructions:

1. Update Linux kernel to version containing the fix commits.
2. For distributions: Use package manager to update kernel package.
3. For custom kernels: Apply the relevant git commits to ath11k driver code.

🔧 Temporary Workarounds

Disable ath11k WiFi

Linux

Temporarily disable the ath11k WiFi driver to prevent vulnerability triggering

sudo modprobe -r ath11k_pci
sudo modprobe -r ath11k

Disable system suspend

systemd-based Linux

Prevent system from entering suspend states where vulnerability is likely to trigger

sudo systemctl mask sleep.target suspend.target hibernate.target hybrid-sleep.target

🧯 If You Can't Patch

  • Monitor system logs for ath11k crash recovery events and kernel panics
  • Consider using alternative WiFi hardware or USB WiFi adapters without ath11k driver

🔍 How to Verify

Check if Vulnerable:

  • Check if system uses ath11k driver: lsmod | grep ath11k
  • Check kernel version: uname -r
  • Check if kernel contains vulnerable code by examining ath11k driver version.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commits. Check dmesg for absence of ath11k crash recovery failures and kernel panics related to ath11k_hal_dump_srng_stats.
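For kernels built from a kernel.org-derived git tree, the "includes fix commits" check can be done by ancestry rather than by version string. The following is an added example, not part of the original advisory; the function name and the FIX_COMMITS and KERNEL_TREE variables are hypothetical, and it does not apply to distribution kernels that carry the fix as a backported patch under a different hash.

```shell
#!/usr/bin/env bash
# Added example: check a kernel git tree for the fix commits listed in this advisory.

# Commit ids copied from the "Official Fix" section above (overridable for testing).
FIX_COMMITS="${FIX_COMMITS:-0ebb5fe494501c19f31270008b26ab95201af6fd
16872194c80f2724472fc207991712895ac8a230
3a6daae987a829534636fd85ed6f84d5f0ad7fa4
5bf201c55fdf303e79005038648dfa1e8af48f54
72a48be1f53942793f3bc68a37fad1f38b53b082}"

# has_ath11k_fix TREE: succeeds and prints the matching commit if HEAD of the
# git tree at TREE contains any listed fix commit; fails otherwise.
has_ath11k_fix() {
  fix_tree=${1:-.}
  for fix_c in $FIX_COMMITS; do
    # A commit this clone has never fetched cannot be an ancestor of HEAD.
    git -C "$fix_tree" cat-file -e "${fix_c}^{commit}" 2>/dev/null || continue
    if git -C "$fix_tree" merge-base --is-ancestor "$fix_c" HEAD; then
      echo "$fix_c"
      return 0
    fi
  done
  return 1
}

# Runs only when KERNEL_TREE points at a kernel source checkout.
if [ -n "${KERNEL_TREE:-}" ]; then
  has_ath11k_fix "$KERNEL_TREE" || echo "no listed fix commit is an ancestor of HEAD"
fi
```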

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages with ath11k_hal_dump_srng_stats in call trace
  • ath11k crash recovery failure messages in dmesg
  • Page fault errors related to ath11k driver

Network Indicators:

  • WiFi connectivity loss followed by system instability

SIEM Query:

source="kernel" AND ("ath11k" AND ("panic" OR "page fault" OR "crash recovery"))
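The query above matches one line at a time, but a kernel oops header typically does not name the driver; the ath11k symbol appears a few lines later in the trace. The following added example (not from the original advisory) applies the same keywords to kernel log text and also correlates an oops header with ath11k_hal_dump_srng_stats in the lines that follow. The function names, the 30-line window and the sample log lines are assumptions constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: scan kernel log text for the ath11k indicators listed above.

# ath11k_scan [WINDOW]: reads log lines on stdin, prints TYPE<TAB>LINE<TAB>TEXT.
#   SRNG_TRACE  = ath11k_hal_dump_srng_stats within WINDOW lines after an oops header
#   QUERY_MATCH = one line satisfying the SIEM query
#                 (ath11k AND panic / page fault / crash recovery)
ath11k_scan() {
  awk -v window="${1:-30}" '
    {
      l = tolower($0)
      # Oops and panic headers usually do not name the driver, so remember
      # where the most recent one started and correlate later lines with it.
      if (l ~ /page fault|kernel panic/) oops_at = NR

      if (oops_at && NR - oops_at <= window && l ~ /ath11k_hal_dump_srng_stats/) {
        print "SRNG_TRACE\t" NR "\t" $0
        oops_at = 0   # report each oops once
        next
      }
      if (l ~ /ath11k/ && l ~ /panic|page fault|crash recovery/)
        print "QUERY_MATCH\t" NR "\t" $0
    }'
}

# Constructed sample input (not verbatim driver output).
sample_log() {
  cat <<'EOF'
[   12.00] ath11k_pci 0000:01:00.0: firmware loaded
[   58.90] PM: suspend exit
[   59.01] ath11k_pci 0000:01:00.0: crash recovery failed
[   59.10] BUG: unable to handle page fault for address: ffff000000000000
[   59.10] RIP: 0010:ath11k_hal_dump_srng_stats+0x0/0x0 [ath11k]
[   59.11] Call Trace:
EOF
}

# Live use (assumes systemd-journald): journalctl -k -b -1 | ath11k_scan
sample_log | ath11k_scan
```

In the sample, the page-fault line itself is not reported by the per-line rule; only the correlation with the following trace line ties it to ath11k.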
