CVE-2025-38199

Summary

In the Linux kernel, the following vulnerability has been resolved:

wifi: ath12k: Fix memory leak due to multiple rx_stats allocation

rx_stats for each arsta is allocated when adding a station. arsta->rx_stats will be freed when a station is removed.

Redundant allocations are occurring when the same station is added multiple times. This causes ath12k_mac_station_add() to be called multiple times, and rx_stats is allocated each time. As a result there is memory leaks.

Prevent multiple allocations of rx_stats when ath12k_mac_station_add() is called repeatedly by checking if rx_stats is already allocated before allocating again. Allocate arsta->rx_stats if arsta->rx_stats is NULL respectively.

Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1 Tested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxd889913205cf7ebda905b1e62c5867ed4e39f6c2 < 232f962ae5fca98912a719e64b4964a5aec7c99baffected
LinuxLinuxd889913205cf7ebda905b1e62c5867ed4e39f6c2 < c426497fa2055c8005196922e7d29c41d7e0948aaffected
LinuxLinux6.3affected
LinuxLinux0 < 6.3unaffected
LinuxLinux6.15.4 <= 6.15.*unaffected
LinuxLinux6.16 <= *unaffected

Weaknesses

References