Executive Summary

Informations
Name CVE-2025-37744 First vendor Publication 2025-05-01
Vendor Cve Last vendor Modification 2025-05-02

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

In the Linux kernel, the following vulnerability has been resolved:

wifi: ath12k: fix memory leak in ath12k_pci_remove()

Kmemleak reported this error:

unreferenced object 0xffff1c165cec3060 (size 32):
comm "insmod", pid 560, jiffies 4296964570 (age 235.596s)
backtrace:
[<000000005434db68>] __kmem_cache_alloc_node+0x1f4/0x2c0
[<000000001203b155>] kmalloc_trace+0x40/0x88
[<0000000028adc9c8>] _request_firmware+0xb8/0x608
[<00000000cad1aef7>] firmware_request_nowarn+0x50/0x80
[<000000005011a682>] local_pci_probe+0x48/0xd0
[<00000000077cd295>] pci_device_probe+0xb4/0x200
[<0000000087184c94>] really_probe+0x150/0x2c0

The firmware memory was allocated in ath12k_pci_probe(), but not freed in ath12k_pci_remove() in case ATH12K_FLAG_QMI_FAIL bit is set. So call ath12k_fw_unmap() to free the memory.

Tested-on: WCN7850 hw2.0 PCI WLAN.HMT.2.0-02280-QCAHMTSWPL_V1.0_V2.0_SILICONZ-1

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-37744

Sources (Detail)

https://git.kernel.org/stable/c/1b24394ed5c8a8d8f7b9e3aa9044c31495d46f2e
https://git.kernel.org/stable/c/3cb47b50926a5b9eef8c06506a14cdc0f3d95c53
https://git.kernel.org/stable/c/52e3132e62c31b5ade43dc4495fa81175e6e8398
https://git.kernel.org/stable/c/cb8f4c5f9c487d82a566672b5ed0c9f05e40659b
Source Url

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2025-05-27 02:57:23
  • First insertion