CVE-2023-54016
Memory Leak in Linux Kernel ath12k Wi-Fi Driver Descriptors
Publication date: 2025-12-24
Last updated on: 2025-12-24
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| qualcomm | qcn9274 | * |
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a memory leak in the Linux kernel's ath12k wireless driver. Specifically, when the function ath12k_dp_cc_desc_init() allocates memory for rx_descs and tx_descs, the corresponding cleanup function ath12k_dp_cc_cleanup() does not free this allocated memory, causing a memory leak. The fix involves saving the base addresses of rx_descs and tx_descs during initialization and freeing them properly during cleanup.
How can this vulnerability impact me? :
The memory leak caused by this vulnerability can lead to increased memory usage over time, potentially degrading system performance or causing system instability or crashes if the leaked memory accumulates significantly.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, update the Linux kernel to a version where the memory leak in ath12k's rx_desc and tx_desc has been fixed. This involves applying the patch that ensures memory allocated in ath12k_dp_cc_desc_init() is properly freed in ath12k_dp_cc_cleanup().