CVE-2025-38157 – “Qualcomm ath9k_htc USB WMI Out-of-Bounds Read/Write”

July 3, 2025

CVE ID : CVE-2025-38157

Published : July 3, 2025, 9:15 a.m. | 2 hours, 14 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

wifi: ath9k_htc: Abort software beacon handling if disabled

A malicious USB device can send a WMI_SWBA_EVENTID event from an
ath9k_htc-managed device before beaconing has been enabled. This causes
a device-by-zero error in the driver, leading to either a crash or an
out of bounds read.

Prevent this by aborting the handling in ath9k_htc_swba() if beacons are
not enabled.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-38158 – Hisi Acc VFio PCI DMA Address Error Vulnerability

Next Article CVE-2025-38156 – Marvell MT7996 Null Pointer Dereference Vulnerability (WiFi)

Highlights

CVE-2025-3866 – Google Plus One Social Share Button CSRF Vulnerability

April 25, 2025

CVE ID : CVE-2025-3866

Published : April 25, 2025, 7:15 a.m. | 14 minutes ago

Description : The Add Google +1 (Plus one) social share Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing or incorrect nonce validation on the google-plus-one-share-button page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

Severity: 6.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

A Week In The Life Of An AI-Augmented Designer

This week in AI updates: Gemini Code Assist Agent Mode, GitHub’s Agents panel, and more (August 22, 2025)

Microsoft adds Copilot-powered debugging features for .NET in Visual Studio

Blackstone portfolio company R Systems Acquires Novigo Solutions, Strengthening its Product Engineering and Full-Stack Agentic-AI Capabilities

I found the ultimate MacBook Air alternative for Windows users – and it’s priced well

Outdated IT help desks are holding businesses back – but there is a solution

Android’s latest update can force apps into dark mode – how to see it now

I tried the Google Pixel Watch 4 – and these key features made it feel indispensable

Building Cross-Platform Alerts with Laravel’s Notification Framework

Building Cross-Platform Alerts with Laravel’s Notification Framework

Add Notes Functionality to Eloquent Models With the Notable Package

How to install OpenPlatform — IoT platform

Basics of Digital Forensics

Basics of Digital Forensics

Top Linux Server Automation Tools: Simplifying System Administration

Rising from the Ashes: How AlmaLinux and Rocky Linux Redefined the Post-CentOS Landscape

CVE-2025-38157 – “Qualcomm ath9k_htc USB WMI Out-of-Bounds Read/Write”

“What happens online stays online” and other cyberbullying myths, debunked

The need for speed: Why organizations are turning to rapid, trustworthy MDR

CVE-2024-45067 – Intel Gaudi Privilege Escalation

CVE-2025-5164 – PerfreeBlog JWT Handler Hard-Coded Cryptographic Key Vulnerability

CVE-2025-52554 – n8n Unauthorized Execution Stop Vulnerability

CVE-2025-20213 – Cisco Catalyst SD-WAN Manager Local File System Overwrite Vulnerability

CVE-2025-3866 – Google Plus One Social Share Button CSRF Vulnerability

What are virtual appliances, and how to quickly deploy them for performance gains

Windows 11 will soon lose the Maps app forever, affecting dozens of users — RIP a Windows Phone relic

Shaping The Future of Connected Product Innovation

CVE-2025-38157 – “Qualcomm ath9k_htc USB WMI Out-of-Bounds Read/Write”

Related Posts