CVE-2025-37744 in Linuxinfo

Zusammenfassung

von MITRE • 01.05.2025

In the Linux kernel, the following vulnerability has been resolved:

wifi: ath12k: fix memory leak in ath12k_pci_remove()

Kmemleak reported this error:

unreferenced object 0xffff1c165cec3060 (size 32): comm "insmod", pid 560, jiffies 4296964570 (age 235.596s) backtrace: [<000000005434db68>] __kmem_cache_alloc_node+0x1f4/0x2c0
[<000000001203b155>] kmalloc_trace+0x40/0x88
[<0000000028adc9c8>] _request_firmware+0xb8/0x608
[<00000000cad1aef7>] firmware_request_nowarn+0x50/0x80
[<000000005011a682>] local_pci_probe+0x48/0xd0
[<00000000077cd295>] pci_device_probe+0xb4/0x200
[<0000000087184c94>] really_probe+0x150/0x2c0

The firmware memory was allocated in ath12k_pci_probe(), but not freed in ath12k_pci_remove() in case ATH12K_FLAG_QMI_FAIL bit is set. So call ath12k_fw_unmap() to free the memory.

Tested-on: WCN7850 hw2.0 PCI WLAN.HMT.2.0-02280-QCAHMTSWPL_V1.0_V2.0_SILICONZ-1

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Zuständig

Linux

Reservieren

16.04.2025

Veröffentlichung

01.05.2025

Moderieren

akzeptiert

Eintrag

VDB-306899

CPE

bereit

EPSS

0.00131

KEV

nein

Aktivitäten

very low

Quellen

Do you know our Splunk app?

Download it now for free!