What is CVE-2025-68380?

CVE-2025-68380 is a unscored severity Linux kernel vulnerability, affecting Linux kernel versions from 5.16 onward and patched in 6.1.160, 6.6.120, 6.12.63 and others. CVE-2025-68380 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2025-68380?

CVE-2025-68380 has a CVSS score of pending NVD analysis out of 10, rated awaiting scoring severity.

Is there a patch available for CVE-2025-68380?

Yes, CVE-2025-68380 has been patched. Fixed versions include 6.1.160, 6.6.120, 6.12.63 and others. If you are running Linux kernel 5.16 or later up to the fix versions, apply the relevant patch for your kernel branch.

Is CVE-2025-68380 actively exploited?

CVE-2025-68380 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2025-68380

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix peer HE MCS assignment In ath11k_wmi_send_peer_assoc_cmd(), peer's transmit MCS is sent to firmware as receive MCS while peer's receive MCS sent as transmit MCS, which goes against firmwire's definition. While connecting to a misbehaved AP that advertises 0xffff (meaning not supported) for 160 MHz transmit MCS map, firmware crashes due to 0xffff is assigned to he_mcs->rx_mcs_set field. Ext Tag: HE Capabilities [...] Supported HE-MCS and NSS Set [...] Rx and Tx MCS Maps 160 MHz [...] Tx HE-MCS Map 160 MHz: 0xffff Swap the assignment to fix this issue. As the HE rate control mask is meant to limit our own transmit MCS, it needs to go via he_mcs->rx_mcs_set field. With the aforementioned swapping done, change is needed as well to apply it to the peer's receive MCS. Tested-on: WCN6855 hw2.1 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.41 Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.4.1-00199-QCAHKSWPL_SILICONZ-1

Package Linux Kernel

Published 2025-12-24

Last modified 2026-04-15

Patch available

Yes

Affected versions

Linux kernel versions 5.16 and later are affected. Fixed in 6.1.160, 6.6.120, 6.12.63, 6.17.13, 6.18.2, 6.19 and their respective stable series.

Affected from

≥ 5.16

Fixed in

✓ 6.1.160 6.1.x ✓ 6.6.120 6.6.x ✓ 6.12.63 6.12.x ✓ 6.17.13 6.17.x ✓ 6.18.2 6.18.x ✓ 6.19

References

The following references provide additional information about CVE-2025-68380 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Kernel patch commit
https://git.kernel.org/stable/c/097c870b91817779e5a312c6539099a884b1fe2b
Patch
Kernel patch commit
https://git.kernel.org/stable/c/381096a417b7019896e93e86f4c585c592bf98e2
Patch
Kernel patch commit
https://git.kernel.org/stable/c/4304bd7a334e981f189b9973056a58f84cc2b482
Patch

6 patch commits total View all on NVD

Frequently asked questions

What is CVE-2025-68380?

CVE-2025-68380 is a unscored severity Linux kernel vulnerability . It affects Linux kernel versions from 5.16 onward and has been patched in 6.1.160, 6.6.120, 6.12.63 and others. CVE-2025-68380 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
Is there a patch available for CVE-2025-68380?

Yes — CVE-2025-68380 has been patched. Fixed versions include 6.1.160, 6.6.120, 6.12.63 and others. If you are running Linux kernel 5.16 or later up to the fix versions, apply the relevant patch for your kernel branch.
Is CVE-2025-68380 actively exploited?

No — CVE-2025-68380 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.