In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: qca: fix firmware check error path
A recent commit fixed the code that parses the firmware files before downloading them to the controller but introduced a memory leak in case the sanity checks ever fail.
Make sure to free the firmware buffer before returning on errors.