CVE-2025-37944: 
Linux Kernel vulnerability analysis and mitigation

CVE-2025-37944 is a vulnerability discovered in the Linux kernel's wifi subsystem, specifically affecting the ath12k driver. The vulnerability was published on May 20, 2025, and affects QCN9274 hw2.0 and WCN7850 hw2.0 hardware configurations (NVD, Wiz).

The vulnerability stems from an incorrect implementation in the ath12k_dp_mon_srng_process function, which uses ath12k_hal_srng_src_get_next_entry to fetch entries from a destination ring. This is problematic because ath12k_hal_srng_src_get_next_entry is specifically designed for source rings, not destination rings. The mismatch occurs because source rings and destination rings have different handling mechanisms, leading to incorrect pointer arithmetic and ring management. The vulnerability has received a CVSS v3.1 score of 7.0 (MODERATE) with vector string CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H (RedHat).

The vulnerability can result in invalid entry fetches, potentially causing data corruption or system crashes due to accessing incorrect memory locations. This affects systems running the specified hardware configurations QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1 and WCN7850 hw2.0 WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3 (NVD).

The vulnerability has been addressed by replacing the call to ath12k_hal_srng_src_get_next_entry with ath12k_hal_srng_dst_get_next_entry in the ath12k_dp_mon_srng_process function. This correction ensures that the appropriate function is used for fetching entries from the destination ring, preventing invalid memory accesses (NVD).