CVE-2025-38657

{"id": "CVE-2025-38657", "cveTags": [], "metrics": {}, "published": "2025-08-22T16:15:40.777", "references": [{"url": "https://git.kernel.org/stable/c/417cfa9cc44fbe6bceab786f9a4ee5a210f1288e", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/53cf488927a0f79968f9c03c4d1e00d2a79731c3", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: mcc: prevent shift wrapping in rtw89_core_mlsr_switch()\n\nThe \"link_id\" value comes from the user via debugfs. If it's larger\nthan BITS_PER_LONG then that would result in shift wrapping and\npotentially an out of bounds access later. In fact, we can limit it\nto IEEE80211_MLD_MAX_NUM_LINKS (15).\n\nFortunately, only root can write to debugfs files so the security\nimpact is minimal."}], "lastModified": "2025-08-22T18:08:51.663", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}