CVE-2025-38600 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-38600 PUBLISHED CVSS 5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: fix off by one in mt7925_mcu_hw_scan() The ssid->ssids[] and sreq->ssids[] arrays have MT7925_RNR_SCAN_MAX_BSSIDS elements so this >= needs to be > to prevent an out of bounds access.

EPSS 0.02% · 5.2th percentile

Risk Scores

CVSS v3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Score

0.02%

5.2th percentile

Affected Products

Vendor	Product	Versions
linux	linux_kernel	6.16, 6.16, 6.16
Linux	Linux	0, 8284815ca161e0fa0861cc4085f1c0141e10a34d, 6.17

Timeline

Jan 21, 1970 Security Advisory
Aug 19, 2025 CVE Published
Aug 20, 2025 EPSS Score
Aug 20, 2025 Coalition ESS Score
Aug 26, 2025 Coalition ESS Score
Aug 27, 2025 EPSS Score
Sep 4, 2025 EPSS Score
Sep 11, 2025 EPSS Score
Sep 19, 2025 EPSS Score
Sep 26, 2025 EPSS Score
Oct 2, 2025 Coalition ESS Score
Oct 4, 2025 EPSS Score

References

Open in Interactive Console →