NXP moal.ko Wi-Fi driver 5.1.7.10 FW version from v17.92.1.p149.43 To v17.92.1.p149.157 was discovered to contain a buffer overflow via the mod_para parameter in the woal_init_module_param function.

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable no

Technical Impact partial

Affected Vendors & Products

No data.

No data.

No data.

References
Link Providers
https://github.com/masjadaan/CVE-2025-29338 cve-icon cve-icon
https://www.nxp.com/docs/en/release-note/RN00104.pdf cve-icon cve-icon
History

Thu, 14 May 2026 16:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-120
Metrics cvssV3_1

{'score': 5.6, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 13 May 2026 15:15:00 +0000

Type Values Removed Values Added
Description NXP moal.ko Wi-Fi driver 5.1.7.10 FW version from v17.92.1.p149.43 To v17.92.1.p149.157 was discovered to contain a buffer overflow via the mod_para parameter in the woal_init_module_param function.
References
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2026-05-13T00:00:00.000Z

Updated: 2026-05-14T15:46:36.625Z

Reserved: 2025-03-11T00:00:00.000Z

Link: CVE-2025-29338

cve-icon Vulnrichment

Updated: 2026-05-14T15:43:02.120Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-13T16:16:35.190

Modified: 2026-05-14T16:16:19.160

Link: CVE-2025-29338

cve-icon Redhat

No data.