CVE-2025-39746 (GCVE-0-2025-39746)
Vulnerability from cvelistv5
Published
2025-09-11 16:52
Modified
2025-09-15 12:14
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
wifi: ath10k: shutdown driver when hardware is unreliable
In rare cases, ath10k may lose connection with the PCIe bus due to
some unknown reasons, which could further lead to system crashes during
resuming due to watchdog timeout:
ath10k_pci 0000:01:00.0: wmi command 20486 timeout, restarting hardware
ath10k_pci 0000:01:00.0: already restarting
ath10k_pci 0000:01:00.0: failed to stop WMI vdev 0: -11
ath10k_pci 0000:01:00.0: failed to stop vdev 0: -11
ieee80211 phy0: PM: **** DPM device timeout ****
Call Trace:
panic+0x125/0x315
dpm_watchdog_set+0x54/0x54
dpm_watchdog_handler+0x57/0x57
call_timer_fn+0x31/0x13c
At this point, all WMI commands will timeout and attempt to restart
device. So set a threshold for consecutive restart failures. If the
threshold is exceeded, consider the hardware is unreliable and all
ath10k operations should be skipped to avoid system crash.
fail_cont_count and pending_recovery are atomic variables, and
do not involve complex conditional logic. Therefore, even if recovery
check and reconfig complete are executed concurrently, the recovery
mechanism will not be broken.
Tested-on: QCA6174 hw3.2 PCI WLAN.RM.4.4.1-00288-QCARMSWPZ-1
References
Impacted products
{ "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/wireless/ath/ath10k/core.c", "drivers/net/wireless/ath/ath10k/core.h", "drivers/net/wireless/ath/ath10k/mac.c", "drivers/net/wireless/ath/ath10k/wmi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "201c9b4485edc618863a60f97a2d88bddd139467", "status": "affected", "version": "5e3dd157d7e70f0e3cea3f2573ed69fb156a19d5", "versionType": "git" }, { "lessThan": "e36991bddf8be63e79659f654cdb1722db4e8132", "status": "affected", "version": "5e3dd157d7e70f0e3cea3f2573ed69fb156a19d5", "versionType": "git" }, { "lessThan": "84ca5632b8d05d1c2e25604d1d63434b2fb61c85", "status": "affected", "version": "5e3dd157d7e70f0e3cea3f2573ed69fb156a19d5", "versionType": "git" }, { "lessThan": "c256a94d1b1b15109740306f7f2a7c2173e12072", "status": "affected", "version": "5e3dd157d7e70f0e3cea3f2573ed69fb156a19d5", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/wireless/ath/ath10k/core.c", "drivers/net/wireless/ath/ath10k/core.h", "drivers/net/wireless/ath/ath10k/mac.c", "drivers/net/wireless/ath/ath10k/wmi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "3.11" }, { "lessThan": "3.11", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.12.*", "status": "unaffected", "version": "6.12.43", "versionType": "semver" }, { "lessThanOrEqual": "6.15.*", "status": "unaffected", "version": "6.15.11", "versionType": "semver" }, { "lessThanOrEqual": "6.16.*", "status": "unaffected", "version": "6.16.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.17-rc1", "versionType": "original_commit_for_fix" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.12.43", "versionStartIncluding": "3.11", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.15.11", "versionStartIncluding": "3.11", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.16.2", "versionStartIncluding": "3.11", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.17-rc1", "versionStartIncluding": "3.11", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath10k: shutdown driver when hardware is unreliable\n\nIn rare cases, ath10k may lose connection with the PCIe bus due to\nsome unknown reasons, which could further lead to system crashes during\nresuming due to watchdog timeout:\n\nath10k_pci 0000:01:00.0: wmi command 20486 timeout, restarting hardware\nath10k_pci 0000:01:00.0: already restarting\nath10k_pci 0000:01:00.0: failed to stop WMI vdev 0: -11\nath10k_pci 0000:01:00.0: failed to stop vdev 0: -11\nieee80211 phy0: PM: **** DPM device timeout ****\nCall Trace:\n panic+0x125/0x315\n dpm_watchdog_set+0x54/0x54\n dpm_watchdog_handler+0x57/0x57\n call_timer_fn+0x31/0x13c\n\nAt this point, all WMI commands will timeout and attempt to restart\ndevice. So set a threshold for consecutive restart failures. If the\nthreshold is exceeded, consider the hardware is unreliable and all\nath10k operations should be skipped to avoid system crash.\n\nfail_cont_count and pending_recovery are atomic variables, and\ndo not involve complex conditional logic. Therefore, even if recovery\ncheck and reconfig complete are executed concurrently, the recovery\nmechanism will not be broken.\n\nTested-on: QCA6174 hw3.2 PCI WLAN.RM.4.4.1-00288-QCARMSWPZ-1" } ], "providerMetadata": { "dateUpdated": "2025-09-15T12:14:29.976Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/201c9b4485edc618863a60f97a2d88bddd139467" }, { "url": "https://git.kernel.org/stable/c/e36991bddf8be63e79659f654cdb1722db4e8132" }, { "url": "https://git.kernel.org/stable/c/84ca5632b8d05d1c2e25604d1d63434b2fb61c85" }, { "url": "https://git.kernel.org/stable/c/c256a94d1b1b15109740306f7f2a7c2173e12072" } ], "title": "wifi: ath10k: shutdown driver when hardware is unreliable", "x_generator": { "engine": "bippy-1.2.0" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2025-39746", "datePublished": "2025-09-11T16:52:19.112Z", "dateReserved": "2025-04-16T07:20:57.121Z", "dateUpdated": "2025-09-15T12:14:29.976Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2025-39746\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-09-11T17:15:37.890\",\"lastModified\":\"2025-09-15T15:22:38.297\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nwifi: ath10k: shutdown driver when hardware is unreliable\\n\\nIn rare cases, ath10k may lose connection with the PCIe bus due to\\nsome unknown reasons, which could further lead to system crashes during\\nresuming due to watchdog timeout:\\n\\nath10k_pci 0000:01:00.0: wmi command 20486 timeout, restarting hardware\\nath10k_pci 0000:01:00.0: already restarting\\nath10k_pci 0000:01:00.0: failed to stop WMI vdev 0: -11\\nath10k_pci 0000:01:00.0: failed to stop vdev 0: -11\\nieee80211 phy0: PM: **** DPM device timeout ****\\nCall Trace:\\n panic+0x125/0x315\\n dpm_watchdog_set+0x54/0x54\\n dpm_watchdog_handler+0x57/0x57\\n call_timer_fn+0x31/0x13c\\n\\nAt this point, all WMI commands will timeout and attempt to restart\\ndevice. So set a threshold for consecutive restart failures. If the\\nthreshold is exceeded, consider the hardware is unreliable and all\\nath10k operations should be skipped to avoid system crash.\\n\\nfail_cont_count and pending_recovery are atomic variables, and\\ndo not involve complex conditional logic. Therefore, even if recovery\\ncheck and reconfig complete are executed concurrently, the recovery\\nmechanism will not be broken.\\n\\nTested-on: QCA6174 hw3.2 PCI WLAN.RM.4.4.1-00288-QCARMSWPZ-1\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/201c9b4485edc618863a60f97a2d88bddd139467\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/84ca5632b8d05d1c2e25604d1d63434b2fb61c85\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/c256a94d1b1b15109740306f7f2a7c2173e12072\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/e36991bddf8be63e79659f654cdb1722db4e8132\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}" } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…