CVE-2023-54275
Memory Leak in Linux Kernel ath11k Wi-Fi Component Fixed
Publication date: 2025-12-30
Last updated on: 2025-12-30
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | kernel | * |
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?
Update the Linux kernel to a version that includes the fix for the memory leak in ath11k_peer_rx_frag_setup, which adds the missing crypto_free_shash() call. This will prevent the memory leak caused when ath11k_peer_find() fails.
Can you explain this vulnerability to me?
This vulnerability is a memory leak in the Linux kernel's ath11k WiFi driver. Specifically, when the function ath11k_peer_find() fails, it does not properly release allocated cryptographic resources using crypto_free_shash(), leading to a memory leak. The fix involves adding the missing crypto_free_shash() call to prevent this leak.
How can this vulnerability impact me? :
The memory leak caused by this vulnerability can lead to increased memory usage over time, potentially degrading system performance or causing system instability if the leak is significant and persistent.