Bug 2363297 (CVE-2025-37744) - CVE-2025-37744 kernel: wifi: ath12k: fix memory leak in ath12k_pci_remove()
Summary: CVE-2025-37744 kernel: wifi: ath12k: fix memory leak in ath12k_pci_remove()
Keywords:
Status: NEW
Alias: CVE-2025-37744
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2025-05-01 14:02 UTC by OSIDB Bzimport
Modified: 2025-05-29 11:00 UTC (History)
4 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description OSIDB Bzimport 2025-05-01 14:02:44 UTC 
In the Linux kernel, the following vulnerability has been resolved:

wifi: ath12k: fix memory leak in ath12k_pci_remove()

Kmemleak reported this error:

  unreferenced object 0xffff1c165cec3060 (size 32):
    comm "insmod", pid 560, jiffies 4296964570 (age 235.596s)
    backtrace:
      [<000000005434db68>] __kmem_cache_alloc_node+0x1f4/0x2c0
      [<000000001203b155>] kmalloc_trace+0x40/0x88
      [<0000000028adc9c8>] _request_firmware+0xb8/0x608
      [<00000000cad1aef7>] firmware_request_nowarn+0x50/0x80
      [<000000005011a682>] local_pci_probe+0x48/0xd0
      [<00000000077cd295>] pci_device_probe+0xb4/0x200
      [<0000000087184c94>] really_probe+0x150/0x2c0

The firmware memory was allocated in ath12k_pci_probe(), but not
freed in ath12k_pci_remove() in case ATH12K_FLAG_QMI_FAIL bit is
set. So call ath12k_fw_unmap() to free the memory.

Tested-on: WCN7850 hw2.0 PCI WLAN.HMT.2.0-02280-QCAHMTSWPL_V1.0_V2.0_SILICONZ-1
Comment 1 Avinash Hanwate 2025-05-02 03:40:45 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025050134-CVE-2025-37744-e540@gregkh/T
Note You need to log in before you can comment on or make changes to this bug.