CVE-2025-37744

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A memory leak issue has been identified in the Linux kernel, specifically in the ath12k wifi module. The issue occurs when the ath12k pci remove() function fails to free allocated firmware memory in certain cases, such as when the ATH12K FLAG QMI FAIL bit is set. This leak was reported by Kmemleak, and a fix has been implemented to call ath12k fw unmap() to free the memory.

Recommendations To resolve this issue, update the Linux kernel to a version that includes the fix for the memory leak in the ath12k wifi module. As a temporary workaround, consider disabling the wifi module until a patch is available.

Exploit

Fix

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

BDU:2025-12037

CVE-2025-37744

OPENSUSE-SU-2026:20287-1

SUSE-SU-2026:0447-1

SUSE-SU-2026:0472-1

SUSE-SU-2026:0587-1

SUSE-SU-2026:20555-1

SUSE-SU-2026:20599-1

SUSE-SU-2026:20615-1

USN-7594-1

USN-7594-2

USN-7594-3

USN-8028-1

USN-8028-2

USN-8028-3

USN-8028-4

USN-8028-5

USN-8028-6

USN-8028-7

USN-8028-8

USN-8031-1

USN-8031-2

USN-8031-3

USN-8052-1

USN-8052-2

USN-8074-1

USN-8074-2

USN-8126-1

Affected Products

Astra Linux

Debian

Linuxmint

Linux Kernel

Ubuntu

CVE-2025-37744

Weakness Enumeration

Related Identifiers

Affected Products

References · 1954