CVE-2025-38199 Information

Jul 05, 2025 cve

Description

In the Linux kernel the following vulnerability has been resolved:

wifi: ath12k: Fix memory leak due to multiple rx_stats allocation

rx_stats for each arsta is allocated when adding a station. arsta->rx_stats will be freed when a station is removed.

Redundant allocations are occurring when the same station is added multiple times. This causes ath12k_mac_station_add() to be called multiple times and rx_stats is allocated each time. As a result there is memory leaks.

Prevent multiple allocations of rx_stats when ath12k_mac_station_add() is called repeatedly by checking if rx_stats is already allocated before allocating again. Allocate arsta->rx_stats if arsta->rx_stats is NULL respectively.

Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1 Tested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3

Reference

https://git.kernel.org/stable/c/232f962ae5fca98912a719e64b4964a5aec7c99b https://git.kernel.org/stable/c/c426497fa2055c8005196922e7d29c41d7e0948a

CNNVD-202507-466 (Published: 2025-07-04)

Share on:

CVE-2025-38199 Information

Description

Reference

Related CNNVD