{"id":"CVE-2025-40131","summary":"wifi: ath12k: Fix peer lookup in ath12k_dp_mon_rx_deliver_msdu()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix peer lookup in ath12k_dp_mon_rx_deliver_msdu()\n\nIn ath12k_dp_mon_rx_deliver_msdu(), peer lookup fails because\nrxcb-\u003epeer_id is not updated with a valid value. This is expected\nin monitor mode, where RX frames bypass the regular RX\ndescriptor path that typically sets rxcb-\u003epeer_id.\nAs a result, the peer is NULL, and link_id and link_valid fields\nin the RX status are not populated. This leads to a WARN_ON in\nmac80211 when it receives data frame from an associated station\nwith invalid link_id.\n\nFix this potential issue by using ppduinfo-\u003epeer_id, which holds\nthe correct peer id for the received frame. This ensures that the\npeer is correctly found and the associated link metadata is updated\naccordingly.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.4.1-00199-QCAHKSWPL_SILICONZ-1","modified":"2026-04-02T12:48:17.624512Z","published":"2025-11-12T10:23:21.879Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40131.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/7ca61ed8b3f3fc9a7decd68039cb1d7d1238c566"},{"type":"WEB","url":"https://git.kernel.org/stable/c/da64eb2da76ce5626238a951fdf3e81810454427"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40131.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40131"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"bd00cc7e8a4c1048d14c9a9e9790c582119785fb"},{"fixed":"da64eb2da76ce5626238a951fdf3e81810454427"},{"fixed":"7ca61ed8b3f3fc9a7decd68039cb1d7d1238c566"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"124bd8cea02395a1a140f1dcc5e57c65cdd428af"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-40131.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"6.16.0"},{"fixed":"6.17.3"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-40131.json"}}],"schema_version":"1.7.5"}