CVE-2025-71297
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
08/05/2026
Last modified:
14/05/2026
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
wifi: rtw88: 8822b: Avoid WARNING in rtw8822b_config_trx_mode()<br />
<br />
rtw8822b_set_antenna() can be called from userspace when the chip is<br />
powered off. In that case a WARNING is triggered in<br />
rtw8822b_config_trx_mode() because trying to read the RF registers<br />
when the chip is powered off returns an unexpected value.<br />
<br />
Call rtw8822b_config_trx_mode() in rtw8822b_set_antenna() only when<br />
the chip is powered on.<br />
<br />
------------[ cut here ]------------<br />
write RF mode table fail<br />
WARNING: CPU: 0 PID: 7183 at rtw8822b.c:824 rtw8822b_config_trx_mode.constprop.0+0x835/0x840 [rtw88_8822b]<br />
CPU: 0 UID: 0 PID: 7183 Comm: iw Tainted: G W OE 6.17.5-arch1-1 #1 PREEMPT(full) 01c39fc421df2af799dd5e9180b572af860b40c1<br />
Tainted: [W]=WARN, [O]=OOT_MODULE, [E]=UNSIGNED_MODULE<br />
Hardware name: LENOVO 82KR/LNVNB161216, BIOS HBCN18WW 08/27/2021<br />
RIP: 0010:rtw8822b_config_trx_mode.constprop.0+0x835/0x840 [rtw88_8822b]<br />
Call Trace:<br />
<br />
rtw8822b_set_antenna+0x57/0x70 [rtw88_8822b 370206f42e5890d8d5f48eb358b759efa37c422b]<br />
rtw_ops_set_antenna+0x50/0x80 [rtw88_core 711c8fb4f686162be4625b1d0b8e8c6a5ac850fb]<br />
ieee80211_set_antenna+0x60/0x100 [mac80211 f1845d85d2ecacf3b71867635a050ece90486cf3]<br />
nl80211_set_wiphy+0x384/0xe00 [cfg80211 296485ee85696d2150309a6d21a7fbca83d3dbda]<br />
? netdev_run_todo+0x63/0x550<br />
genl_family_rcv_msg_doit+0xfc/0x160<br />
genl_rcv_msg+0x1aa/0x2b0<br />
? __pfx_nl80211_pre_doit+0x10/0x10 [cfg80211 296485ee85696d2150309a6d21a7fbca83d3dbda]<br />
? __pfx_nl80211_set_wiphy+0x10/0x10 [cfg80211 296485ee85696d2150309a6d21a7fbca83d3dbda]<br />
? __pfx_nl80211_post_doit+0x10/0x10 [cfg80211 296485ee85696d2150309a6d21a7fbca83d3dbda]<br />
? __pfx_genl_rcv_msg+0x10/0x10<br />
netlink_rcv_skb+0x59/0x110<br />
genl_rcv+0x28/0x40<br />
netlink_unicast+0x285/0x3c0<br />
? __alloc_skb+0xdb/0x1a0<br />
netlink_sendmsg+0x20d/0x430<br />
____sys_sendmsg+0x39f/0x3d0<br />
? import_iovec+0x2f/0x40<br />
___sys_sendmsg+0x99/0xe0<br />
? refill_obj_stock+0x12e/0x240<br />
__sys_sendmsg+0x8a/0xf0<br />
do_syscall_64+0x81/0x970<br />
? do_syscall_64+0x81/0x970<br />
? ksys_read+0x73/0xf0<br />
? do_syscall_64+0x81/0x970<br />
? count_memcg_events+0xc2/0x190<br />
? handle_mm_fault+0x1d7/0x2d0<br />
? do_user_addr_fault+0x21a/0x690<br />
? exc_page_fault+0x7e/0x1a0<br />
entry_SYSCALL_64_after_hwframe+0x76/0x7e<br />
<br />
---[ end trace 0000000000000000 ]---
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.8 (including) | 6.1.165 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.128 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.12.75 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.13 (including) | 6.18.16 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.19 (including) | 6.19.6 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/0d0c2fb80ca4c284c397dd7546743a3b5fdf4020
- https://git.kernel.org/stable/c/44510ff07b5198e4a835a3074b716cec8357695b
- https://git.kernel.org/stable/c/44d1f624bbdd2d60319374ba85f7195a28d00c90
- https://git.kernel.org/stable/c/509becaee5680a39bde00c2c7d448dfeb39a8e05
- https://git.kernel.org/stable/c/7852ca1cc65ad43fb8b620e6a65d5cb15e4e4487
- https://git.kernel.org/stable/c/a96d161cfdb11cd2c35d5e498b93431164823338