Primary

Context

Linux Kernel ath12k Wi-Fi Driver Memory Leak Vulnerability

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's ath12k Wi-Fi driver. The issue arises in the PCI removal function, ath12k_pci_remove(), where firmware memory allocated during the PCI probe process is not properly freed. This oversight occurs when the ATH12K_FLAG_QMI_FAIL bit is set, leading to unreferenced memory objects. Kmemleak has reported this memory leak, indicating that the unfreed memory could contribute to resource exhaustion over time.

Impact

Exploitation of this vulnerability leads to a memory leak, where allocated memory is not properly released, potentially causing resource exhaustion.

Remediation

The vulnerability has been addressed in the Linux kernel. Users should upgrade to the latest version where this fix is available.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel ath12k Wi-Fi Driver Memory Leak Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating