PT-2025-27974 · Linux+4 · Linux Kernel+4
Published
2025-03-26
·
Updated
2026-05-26
·
CVE-2025-38199
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions:
Linux kernel (affected versions not specified)
Description:
A memory leak issue has been identified in the Linux kernel, specifically in the wifi: ath12k module. The issue occurs due to multiple allocations of
rx stats when the same station is added multiple times, causing the ath12k mac station add() function to be called repeatedly. This results in memory leaks because arsta->rx stats is allocated each time the function is called, without being freed. The issue is resolved by checking if rx stats is already allocated before allocating again, and only allocating arsta->rx stats if it is NULL.Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Missing Release of Resource after Effective Lifetime
Memory Leak
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Astra Linux
Debian
Linuxmint
Linux Kernel
Ubuntu