CVE-2025-38644

5.5 MEDIUM

📋 TL;DR

This CVE describes a vulnerability in the Linux kernel's WiFi subsystem where TDLS (Tunneled Direct Link Setup) operations could be triggered before a station is fully associated, causing uninitialized memory access. This affects Linux systems using the mac80211 WiFi stack. Attackers could potentially trigger kernel warnings or crashes, but exploitation requires local network access.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not specified in CVE, but patches available for multiple stable branches
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems using mac80211 WiFi stack in station mode with TDLS capability

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case

Kernel panic or system crash leading to denial of service, potentially allowing further exploitation through memory corruption.

🟠 Likely Case

Kernel warning messages in system logs and potential denial of service for WiFi connectivity on affected systems.

🟢 If Mitigated

Kernel warning logged but system remains stable due to early rejection of invalid operations.

🌐 Internet-Facing: LOW - Requires local network access and specific WiFi configuration.
🏢 Internal Only: MEDIUM - Internal attackers on the same network could potentially trigger this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires sending specific TDLS commands at a precise point during the WiFi association process.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Multiple stable kernel versions with commits: 0c84204cf0bbe89e454a5caccc6a908bc7db1542, 16ecdab5446f15a61ec88eb0d23d25d009821db0, 31af06b574394530f68a4310c45ecbe2f68853c4, 378ae9ccaea3f445838a087962a067b5cb2e8577, 4df663d4c1ca386dcab2f743dfc9f0cc07aef73c

Vendor Advisory: https://git.kernel.org/stable/c/0c84204cf0bbe89e454a5caccc6a908bc7db1542

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version.
2. Check distribution-specific security advisories.
3. Reboot system after kernel update.

🔧 Temporary Workarounds

Disable TDLS functionality

Linux

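Prevent TDLS operations by disabling the feature in the WiFi configuration. Before relying on this, confirm (for example with modinfo) that your kernel's cfg80211 module actually exposes a disable_tdls parameter. Unloading cfg80211 only succeeds once the modules that depend on it, such as mac80211 and the WiFi driver, have been unloaded, so expect WiFi connectivity to drop while the commands run.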

echo 'options cfg80211 disable_tdls=1' > /etc/modprobe.d/disable-tdls.conf
modprobe -r cfg80211
modprobe cfg80211

🧯 If You Can't Patch

  • Disable TDLS functionality in WiFi configuration
  • Implement network segmentation to limit potential attackers

🔍 How to Verify

Check if Vulnerable:

Check kernel version and verify if TDLS is enabled in WiFi configuration

Check Version:

uname -r

Verify Fix Applied:

Verify that the running kernel version includes one of the patch commits, and check that TDLS operations are properly rejected before association.

📡 Detection & Monitoring

Log Indicators:

  • Kernel warnings containing 'WARNING: at net/mac80211/tdls.c' or similar
  • System logs showing TDLS operations failing

Network Indicators:

  • Unusual TDLS protocol packets during WiFi association phase

SIEM Query:

source="kernel" AND ("tdls" OR "ieee80211_tdls_oper") AND ("WARN" OR "warning")
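
The log indicators above can also be checked offline against saved kernel log output. The following is an added example, not code from the kernel project or from this advisory: it groups timestamped lines into WARN blocks and reports those that reference net/mac80211/tdls.c or ieee80211_tdls_oper. The sample log is constructed, and the function names split_warnings and tdls_warnings are hypothetical.

```python
import re

# Constructed sample of kernel log output, not captured from a real system.
# PIDs, the tdls.c line number and symbol offsets are placeholders.
SAMPLE_LOG = """\
[  101.200000] ------------[ cut here ]------------
[  101.200010] WARNING: CPU: 1 PID: 4242 at net/mac80211/tdls.c:0000 ieee80211_tdls_oper+0x0/0x0 [mac80211]
[  101.200030]  nl80211_tdls_oper+0x0/0x0 [cfg80211]
[  101.200040] ---[ end trace 0000000000000000 ]---
[  300.000000] ------------[ cut here ]------------
[  300.000010] WARNING: CPU: 0 PID: 77 at fs/example.c:0000 example_fn+0x0/0x0
[  300.000020] ---[ end trace 0000000000000000 ]---
"""

LINE_RE = re.compile(r"^\[\s*(?P<ts>\d+\.\d+)\]\s?(?P<msg>.*)$")
WARN_RE = re.compile(r"WARNING:.*\bat (?P<src>\S+?):\d+")
# Same terms as the page's log indicator and SIEM query.
TDLS_RE = re.compile(r"net/mac80211/tdls\.c|ieee80211_tdls_oper")

def split_warnings(log_text):
    """Group timestamped lines into WARN blocks ('cut here' to 'end trace')."""
    blocks, current = [], None
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw)
        if not m:
            continue
        ts, msg = float(m["ts"]), m["msg"]
        if "[ cut here ]" in msg:
            current = {"start": ts, "lines": []}
        elif current is not None:
            current["lines"].append(msg)
            if "end trace" in msg:
                blocks.append(current)
                current = None
    if current is not None:  # log was truncated mid-warning; keep what we have
        blocks.append(current)
    return blocks

def tdls_warnings(log_text):
    """Return WARN blocks whose header or call trace points at the TDLS path."""
    hits = []
    for block in split_warnings(log_text):
        header = next((l for l in block["lines"] if "WARNING:" in l), None)
        if header and TDLS_RE.search("\n".join(block["lines"])):
            src = WARN_RE.search(header)
            hits.append({"time": block["start"], "header": header,
                         "source": src["src"] if src else None})
    return hits
```

Feed it the text of a saved kernel log that carries the bracketed uptime timestamps; lines without that prefix are skipped.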
