Linux Kernel ath12k WMI Command Handling Vulnerability During Firmware Recovery

Vulnerability

A vulnerability in the Linux kernel's ath12k Wi-Fi driver allows WMI commands to be sent to the firmware during its recovery from a crash. This can lead to command failures and generate a kernel call trace indicating a problem. The issue arises because the host driver does not properly manage the timing of WMI command transmissions in relation to the firmware's recovery process.

Impact

The vulnerability can cause WMI command failures and disrupt normal driver-firmware communication, potentially leading to degraded performance or functionality of the Wi-Fi driver.

Added: Jul 10, 2025, 9:21 AM

Updated: Jul 10, 2025, 9:21 AM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

3.5

remediation

0.0

relevance

0.3

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

3.5

remediation

0.0

relevance

0.3

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel ath12k WMI Command Handling Vulnerability During Firmware Recovery

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating