DEBIAN-CVE-2025-39890
- Source
- https://security-tracker.debian.org/tracker/CVE-2025-39890
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-39890.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2025-39890
- Upstream
- Published
- 2025-09-24T11:15:32Z
- Modified
- 2025-09-30T05:20:45.297970Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix memory leak in ath12kservicereadyextevent Currently, in ath12kservicereadyextevent(), svcrdyext.macphycaps is not freed in the failure case, causing a memory leak. The following trace is observed in kmemleak: unreferenced object 0xffff8b3eb5789c00 (size 1024): comm "softirq", pid 0, jiffies 4294942577 hex dump (first 32 bytes): 00 00 00 00 01 00 00 00 00 00 00 00 7b 00 00 10 ............{... 01 00 00 00 00 00 00 00 01 00 00 00 1f 38 00 00 .............8.. backtrace (crc 44e1c357): _kmallocnoprof+0x30b/0x410 ath12kwmimacphycapsparse+0x84/0x100 [ath12k] ath12kwmitlviter+0x5e/0x140 [ath12k] ath12kwmisvcrdyextparse+0x308/0x4c0 [ath12k] ath12kwmitlviter+0x5e/0x140 [ath12k] ath12kservicereadyextevent.isra.0+0x44/0xd0 [ath12k] ath12kwmioprx+0x2eb/0xd70 [ath12k] ath12khtcrxcompletionhandler+0x1f4/0x330 [ath12k] ath12kcerecvprocesscb+0x218/0x300 [ath12k] ath12kpciceworkqueue+0x1b/0x30 [ath12k] processonework+0x219/0x680 bhworker+0x198/0x1f0 taskletaction+0x13/0x30 handlesoftirqs+0xca/0x460 _irqexitrcu+0xbe/0x110 irqexitrcu+0x9/0x30 Free svcrdyext.macphycaps in the error case to fix this memory leak. Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.4.1-00199-QCAHKSWPL_SILICONZ-1
- References
Affected packages
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.16.3-1