CVE-2025-38450: 
Linux Kernel vulnerability analysis and mitigation

A NULL pointer dereference vulnerability was discovered in the Linux kernel's mt7925stasetdecapoffload() function within the WiFi subsystem (mt76/mt7925 driver). The vulnerability was disclosed on July 25, 2025, and affects the Linux kernel's wireless networking components, specifically in AP mode deployment (NVD, RedHat).

The vulnerability occurs when the mt7925stasetdecapoffload() function is triggered before the station is fully initialized, leading to a NULL pointer dereference when accessing msta->vif members. The issue manifests as a kernel panic due to accessing resources when msta->vif is NULL, resulting in a page fault at virtual address 0xffffffffffffffa0. The vulnerability has been assigned a CVSS v3.1 score of 7.0 (AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H) (RedHat).

When exploited, this vulnerability can cause a kernel panic in AP mode deployment, potentially leading to system crashes and denial of service conditions. The issue affects systems running the Linux kernel with the mt76/mt7925 WiFi driver enabled (NVD).

The vulnerability has been patched by adding a NULL check for msta->vif before accessing its members and implementing an early return if msta->vif is NULL. Additionally, the fix includes a check for wcid.sta readiness to ensure proper station initialization before proceeding with decap offload configuration (NVD).