CVE-2025-38096 — Resource Injection in Linux
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 96.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJul 3
Latest updateDec 3
Description
In the Linux kernel, the following vulnerability has been resolved:
wifi: iwlwifi: don't warn when if there is a FW error
iwl_trans_reclaim is warning if it is called when the FW is not alive.
But if it is called when there is a pending restart, i.e. after a FW
error, there is no need to warn, instead - return silently.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages21 packages
Patches
🔴Vulnerability Details
9OSV▶
linux, linux-aws, linux-gcp, linux-gcp-6.14, linux-oracle, linux-realtime vulnerabilities↗2025-12-03