LiveActive security incident?Get immediate response
CVE Record

CVE-2025-23129: wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path If a shared IRQ is used by the driver due to platform limitation, then the IRQ affinity hint is set right after the allocation of IRQ vectors in ath11k_pci_alloc_msi(). This does no harm unless one of the functions requesting the IRQ fails and attempt to free the IRQ. This results in the below warning: WARNING: CPU: 7 PID: 349 at kernel/irq/manage.c:1929 free_irq+0x278/0x29c Call trace: free_irq+0x278/0x29c ath11k_pcic_free_irq+0x70/0x10c [ath11k] ath11k_pci_probe+0x800/0x820 [ath11k_pci] local_pci_probe+0x40/0xbc The warning is due to not clearing the affinity hint before freeing the IRQs. So to fix this issue, clear the IRQ affinity hint before calling ath11k_pcic_free_irq() in the error path. The affinity will be cleared once again further down the error path due to code organization, but that does no harm. Tested-on: QCA6390 hw2.0 PCI WLAN.HST.1.0.1-05266-QCAHSTSWPLZ_V2_TO_X86-1

UnknownCVSS not scoredNot KEV-listedUpdated
Glexia's TakeAutomated analysisunknown

Security readout for executives and security teams

Plain-English summary

This is a Linux kernel Wi-Fi driver bug in ath11k. On systems using shared IRQs, a driver setup failure can leave an IRQ affinity hint uncleared before IRQ cleanup, triggering a kernel warning. The source does not describe data theft, remote code execution, or active exploitation.

Executive priority

Treat this as a targeted Linux kernel maintenance item, not an emergency, unless your fleet includes affected Wi-Fi hardware in sensitive endpoints. Patch through normal kernel update processes once vendor packages are available.

Technical view

The ath11k PCI error path called ath11k_pcic_free_irq() without first clearing the IRQ affinity hint. The resolved change clears the affinity hint before freeing IRQs. The issue is tied to shared IRQ use and was tested on QCA6390 hardware.

Likely exposure

Exposure appears limited to Linux systems using the ath11k PCI Wi-Fi driver on affected kernel versions and platforms where shared IRQs are used. Servers without this driver or hardware are unlikely to be exposed.

Exploitation context

The bundle reports KEV as false and provides no evidence of public exploitation. The described behavior is a kernel warning during a driver error path, not a documented attacker-controlled exploit path.

Researcher notes

Evidence is sparse: no CVSS, CWE, or concrete security impact is provided. The root cause is cleanup-order correctness in an ath11k PCI error path involving IRQ affinity hints and shared IRQs. Avoid extrapolating beyond kernel warning and stability implications.

Mitigation direction

  • Check vendor kernel advisories for fixed packages covering CVE-2025-23129.
  • Prioritize systems using ath11k PCI Wi-Fi hardware or Qualcomm QCA6390-class devices.
  • Update to a kernel containing one of the referenced stable fixes.
  • If no vendor package exists, follow vendor guidance for temporary risk handling.

Validation and detection

  • Inventory Linux hosts for ath11k or ath11k_pci driver usage.
  • Compare running kernel versions against vendor CVE-2025-23129 advisories.
  • Review kernel logs for warnings involving free_irq and ath11k_pcic_free_irq.
  • Confirm patched systems include the affinity hint cleanup fix.
Prepared
Confidence
medium
Sources
5

Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.

Potential ATT&CK relevance

Conservative CVE-to-ATT&CK context

These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.

ATT&CK lookup starting points

Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.

cve · low confidence lookup

CVE-2025-23129 mapping review

Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.

Open ATT&CK lookup
Vulnerability profileCVE Program record
Severity
Unknown
CVSS
Not scored
Known Exploited
No
Published
Official CVE source material

CNA and ADP enrichment extracted from CVE v5

These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.

0CVSS vectors
3Timeline events
0ADP providers
4Source links

Vulnerability timeline

Timeline events are normalized from CVE metadata, CNA source timelines, ADP timelines, and KEV metadata when present.

  1. CVE reservedCVE Program

    The CVE ID was reserved by the assigning CNA.

  2. CVE publishedCVE Program

    The CVE record was published.

  3. CVE updatedCVE Program

    The CVE record metadata indicates this as the latest update time.

Affected products

Products and packages named in the record

VendorProductVersion / packageStatus
LinuxLinux39564b475ac5a589e6c22c43a08cbd283c295d2c, 39564b475ac5a589e6c22c43a08cbd283c295d2c, 39564b475ac5a589e6c22c43a08cbd283c295d2c, e01b3400d641cb290742849331f0d22e1202538a, 5a9f55efa9333e3edb4826d945cfdd8356f6e269, d412d0ef300f28d698648cc7c19147ab413251fe, 6.1.63, 6.5.12, 6.6.2unaffected
LinuxLinux6.7, 0, 6.12.59, 6.14.2, 6.15affected
Weakness

CWE details

No CWE listed

CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.