CVE-2025-38343

high

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: drop fragments with multicast or broadcast RA IEEE 802.11 fragmentation can only be applied to unicast frames. Therefore, drop fragments with multicast or broadcast RA. This patch addresses vulnerabilities such as CVE-2020-26145.

References

https://git.kernel.org/stable/c/d4b93f9c2f666011dcf810050ef60a6b8d06f186

https://git.kernel.org/stable/c/80fda1cd7b0a1edd0849dc71403a070d0922118d

https://git.kernel.org/stable/c/5fd5b8132b5de08c99eea003f7715ff2e361b007

https://git.kernel.org/stable/c/24900688ee47071aa6a61e78473999b5b80f0423

Details

Source: Mitre, NVD

Published: 2025-07-10

Updated: 2025-07-10

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 7.1

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Severity: High

EPSS

EPSS: 0.00018