Linux Kernel ath11k Wi-Fi Driver Memory Leak Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's ath11k Wi-Fi driver. The issue arises in the 'ath11k_peer_rx_frag_setup' function, where the 'crypto_alloc_shash' function allocates resources that are not properly released. When 'ath11k_peer_find' fails, the allocated resources are not freed, leading to a memory leak. The vulnerability affects the Linux kernel ath11k Wi-Fi driver in versions prior to the latest patch.

Impact

Exploitation of this vulnerability leads to a memory leak, causing increased memory usage and potentially degrading system performance over time.

Reproduction

The vulnerability can be reproduced by invoking the 'ath11k_peer_rx_frag_setup' function with a peer MAC address that does not correspond to an existing peer. This will cause the function to fail and exit without freeing the resources allocated by 'crypto_alloc_shash', thereby creating a memory leak.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been patched. Instructions for downloading the latest stable version can be found on the official Linux kernel website.