EUVD-2025-205068

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix MSDU buffer types handling in RX error path Currently, packets received on the REO exception ring from unassociated peers are of MSDU buffer type, while the driver expects link descriptor type packets. These...

CVE-2025-68729 wifi: ath12k: Fix MSDU buffer types handling in RX error path

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix MSDU buffer types handling in RX error path Currently, packets received on the REO exception ring from unassociated peers are of MSDU buffer type, while the driver expects link descriptor type packets. These...

CVE-2025-68729

The CVE-2025-68729 entry documents a Linux kernel issue in ath12k where MSDU buffer type packets received on the REO exception ring from unassociated peers were mis-parsed as link descriptor packets. The underlying cause was not freeing the skb, risking kernel crashes and buffer leaks. The provid...

kernel: wifi: cfg80211: check A-MSDU format more carefully

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: check A-MSDU format more carefully If it looks like there's another subframe in the A-MSDU but the header isn't fully there, we can end up reading data out of bounds, only to discard later. Make this a bit more...