CVE-2025-38157: 
Linux Kernel vulnerability analysis and mitigation

CVE-2025-38157 is a vulnerability discovered in the Linux kernel's ath9k_htc WiFi driver, disclosed on July 3, 2025. The vulnerability affects various Linux distributions and their kernel implementations, particularly impacting systems using the ath9k_htc wireless device driver (NVD).

The vulnerability occurs when a malicious USB device sends a WMI_SWBA_EVENTID event from an ath9k_htc-managed device before beaconing has been enabled. This triggers a divide-by-zero error in the driver, which can result in either a system crash or an out-of-bounds read condition. The issue specifically relates to the handling of software beacons in the ath9k_htc_swba() function (CVE). According to Rapid7's assessment, the vulnerability has been assigned a CVSS score of 5.0 with attack vector parameters of AV:L/AC:L/Au:N/C:N/I:N/A:C (Rapid7).

The vulnerability can lead to system crashes or potential out-of-bounds memory reads when exploited. This primarily affects system stability and availability, with the potential for denial of service conditions on affected systems (NVD).

The vulnerability has been resolved by implementing a fix that aborts the handling in ath9k_htc_swba() if beacons are not enabled. This prevents the divide-by-zero condition from occurring. Various Linux distributions have marked this vulnerability for patching, with Ubuntu marking it as 'Vulnerable' in several current releases including 24.04 LTS noble and 22.04 LTS jammy (Ubuntu).