Linux Kernel ath11k RCU Stall Vulnerability Leading to Kernel Crash

Vulnerability

A vulnerability in the Linux kernel's ath11k Wi-Fi driver can cause a kernel crash due to a stall in the Read-Copy-Update (RCU) process. This issue arises when the driver processes the monitor destination ring and attempts to reap Medium Access Control Service Data Units (MSDUs) from the link descriptor based on the buffer ID (buf_id). Occasionally, the driver fails to retrieve a valid buffer corresponding to the buf_id received from the hardware, leading to an infinite loop in destination processing. The problem is evidenced by repeated log entries indicating invalid buf_ids and failed attempts to process them, which ultimately result in a kernel crash.

Impact

The vulnerability causes a kernel crash, disrupting system operations and potentially leading to a denial of service.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel ath11k RCU Stall Vulnerability Leading to Kernel Crash

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating