CVE-2023-54016Missing Release of Resource after Effective Lifetime in Linux

CWE-772Missing Release of Resource after Effective Lifetime7 documents6 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 92.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix memory leak in rx_desc and tx_desc Currently when ath12k_dp_cc_desc_init() is called we allocate memory to rx_descs and tx_descs. In ath12k_dp_cc_cleanup(), during descriptor cleanup rx_descs and tx_descs memory is not freed. This is cause of memory leak. These allocated memory should be freed in ath12k_dp_cc_cleanup. In ath12k_dp_cc_desc_init(), we can save base address of rx_descs and tx_descs. In ath12k_

Affected Packages4 packages

Linuxlinux/linux_kernel6.3.06.5.5
Debianlinux/linux_kernel< 6.5.6-1+1
CVEListV5linux/linuxd889913205cf7ebda905b1e62c5867ed4e39f6c2e16be2d34883eecfe7fd888fcdb76c7a5db5d187+2
debiandebian/linux< linux 6.5.6-1 (forky)

🔴Vulnerability Details

3
OSV
wifi: ath12k: Fix memory leak in rx_desc and tx_desc2025-12-24
GHSA
GHSA-35gj-2h6h-27p5: In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix memory leak in rx_desc and tx_desc Currently when ath12k_dp_cc2025-12-24
OSV
CVE-2023-54016: In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix memory leak in rx_desc and tx_desc Currently when ath12k_dp_cc_d2025-12-24

📋Vendor Advisories

2
Red Hat
kernel: Linux kernel: Memory leak in ath12k Wi-Fi driver can lead to denial of service2025-12-24
Debian
CVE-2023-54016: linux - In the Linux kernel, the following vulnerability has been resolved: wifi: ath12...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54016 Impact, Exploitability, and Mitigation Steps | Wiz