Fixed

LIN1023-14229 : Security Advisory - linux - CVE-2025-38420

Created: Jul 27, 2025    Updated: Oct 22, 2025
Resolved Date: Oct 19, 2025
Found In Version: 10.23.30.1
Fix Version: 10.23.30.19
Severity: Standard
Applicable for: Wind River Linux LTS 23
Component/s: Kernel

Description

In the Linux kernel, the following vulnerability has been resolved:

wifi: carl9170: do not ping device which has failed to load firmware

Syzkaller reports [1, 2] crashes caused by an attempt to ping
the device which has failed to load firmware. Since such a device
doesn't pass 'ieee80211_register_hw()', an internal workqueue
managed by 'ieee80211_queue_work()' is not yet created and an
attempt to queue work on it causes null-ptr-deref.

[1] https://syzkaller.appspot.com/bug?extid=9a4aec827829942045ff
[2] https://syzkaller.appspot.com/bug?extid=0d8afba53e8fb2633217

CREATE(Triage):(User=admin) CVE-2025-38420 (https://nvd.nist.gov/vuln/detail/CVE-2025-38420)
