Linux Kernel RTLwifi Memory Leak and Invalid Access Vulnerability

Vulnerability

A vulnerability in the Linux kernel's RTLwifi component has been addressed, which involved memory leaks and invalid memory access during the probe error handling. The issue arose because the deinitialization process did not properly reverse the order of operations when a probe failed, leading to orphaned memory. Specifically, if the 'init_sw_vars' function failed, the 'rtl_deinit_core' function should not have been called, as it destroyed the associated workqueue. Additionally, the 'pci_set_drvdata' call was unnecessary and could contribute to memory leaks. The vulnerability affected several versions of the Linux kernel.

Impact

The vulnerability could lead to memory leaks and improper management of PCI driver data, potentially causing instability or resource exhaustion.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel RTLwifi Memory Leak and Invalid Access Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating