Linux Kernel ath11k QMI Message Handler Initialization Vulnerability

Vulnerability

A vulnerability in the Linux kernel's ath11k wireless driver has been addressed. The issue arose because the QMI message handler array was not properly null-terminated, potentially leading to an infinite loop and out-of-bounds access when searching for a message handler. This vulnerability was present in several versions of the Linux kernel.

Impact

The vulnerability could cause an infinite loop while searching for a message handler, leading to out-of-bounds access in the QMI invoke handler function. This type of memory corruption can often be exploited to execute arbitrary code or cause a denial-of-service condition.
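
A minimal user-space C model of the pattern described above, added here as an illustration and not taken from the ath11k driver or the kernel fix: a handler table searched by walking to a sentinel entry, the unterminated shape beside the terminated one, and a size-aware check that tells them apart. The struct, function names and message IDs are constructed for the example.

```c
#include <stddef.h>
#include <stdio.h>
/* User-space model; all names and msg_id values here are constructed. */
struct msg_handler {
    unsigned int msg_id;
    void (*fn)(unsigned int msg_id);
};
#define TABLE_LEN(t) (sizeof(t) / sizeof((t)[0]))
static void on_msg(unsigned int msg_id) { (void)msg_id; }

/* "Before" shape: no entry has fn == NULL, so a sentinel walk never stops.
 * It is only measured below, never searched. */
static const struct msg_handler tbl_before[] = {
    { .msg_id = 0x01, .fn = on_msg },
    { .msg_id = 0x02, .fn = on_msg },
};

/* "After" shape: a trailing zeroed entry ends the walk. */
static const struct msg_handler tbl_after[] = {
    { .msg_id = 0x01, .fn = on_msg },
    { .msg_id = 0x02, .fn = on_msg },
    { .msg_id = 0, .fn = NULL }, /* sentinel */
};

/* Size-aware check: the last entry is the sentinel and no earlier one is. */
static int table_is_terminated(const struct msg_handler *t, size_t n)
{
    if (n == 0 || t[n - 1].fn != NULL)
        return 0;
    for (size_t i = 0; i + 1 < n; i++)
        if (t[i].fn == NULL)
            return 0;
    return 1;
}

/* Sentinel walk; call it only on tables that pass the check above. */
static const struct msg_handler *find_handler(const struct msg_handler *t, unsigned int id)
{
    for (; t->fn; t++)
        if (t->msg_id == id)
            return t;
    return NULL; /* unknown id: the sentinel was reached */
}

int main(void)
{
    printf("before=%d after=%d unknown_found=%d\n",
           table_is_terminated(tbl_before, TABLE_LEN(tbl_before)),
           table_is_terminated(tbl_after, TABLE_LEN(tbl_after)),
           find_handler(tbl_after, 0x7f) != NULL);
    return 0;
}
```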

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. The specific commit addressing this issue is available in the Linux kernel stable tree.

Added: Dec 30, 2025, 4:55 PM
Updated: Dec 30, 2025, 4:55 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 5.3
remediation: 7.7
relevance: 1.8
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.