CVE-2026-53104
Received Received - Intake
Memory Leak in Linux Kernel MT76 WiFi Driver

Publication date: 2026-06-24

Last updated on: 2026-06-24

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: Fix memory leak destroying device All MT76 rx queues have an associated page_pool even if the queue is not associated to a NAPI (e.g. WED RRO queues with WED enabled). Destroy the page_pool running mt76_dma_cleanup routine during module unload. Moreover returns pages to the page pool if WED is not enabled for WED RRO queues.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-24
Last Modified
2026-06-24
Generated
2026-06-25
AI Q&A
2026-06-24
EPSS Evaluated
N/A
NVD
CVE-2026-53104
EUVD
EUVD-2026-38972
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a memory leak in the Linux kernel's MT76 wireless driver. Specifically, all MT76 receive (rx) queues have an associated page_pool, even if the queue is not linked to a NAPI (New API) context, such as WED RRO queues when WED is enabled. The issue occurs because the page_pool is not properly destroyed during module unload, leading to a memory leak. The fix involves running the mt76_dma_cleanup routine to destroy the page_pool and returning pages to the page pool if WED is not enabled for WED RRO queues.

Impact Analysis

This memory leak can cause the system to consume more memory over time, potentially leading to degraded performance or system instability. In environments where the MT76 wireless driver is used, especially with WED enabled, the leak could accumulate and exhaust available memory resources, possibly causing crashes or denial of service conditions.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-53104. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart