AZL-73406

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-73406.json

JSON Data

https://api.osv.dev/v1/vulns/AZL-73406

Upstream

CVE-2025-68759

Published

2026-01-05T10:15:57Z

Modified

2026-04-21T04:33:53.087580Z

Summary

CVE-2025-68759 affecting package kernel for versions less than 6.6.121.1-1

Details

In the Linux kernel, the following vulnerability has been resolved:

wifi: rtl818x: Fix potential memory leaks in rtl8180initrx_ring()

In rtl8180initrx_ring(), memory is allocated for skb packets and DMA allocations in a loop. When an allocation fails, the previously successful allocations are not freed on exit.

Fix that by jumping to errfreerings label on error, which calls rtl8180freerxring() to free the allocations. Remove the free of rxring in rtl8180initrxring() error path, and set the freed priv->rxbuf entry to null, to avoid double free.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-68759

Affected packages

Azure Linux:3 / kernel

Package

Name: kernel
Purl: pkg:rpm/azure-linux/kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.6.121.1-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-73406.json"