CVE-2025-37743 — Missing Release of Memory after Effective Lifetime in Linux
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 74.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMay 1
Latest updateJul 8
Description
In the Linux kernel, the following vulnerability has been resolved:
wifi: ath12k: Avoid memory leak while enabling statistics
Driver uses monitor destination rings for extended statistics mode and
standalone monitor mode. In extended statistics mode, TLVs are parsed from
the buffer received from the monitor destination ring and assigned to the
ppdu_info structure to update per-packet statistics. In standalone monitor
mode, along with per-packet statistics, the packet data (payload) is
captured…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages8 packages
Patches
🔴Vulnerability Details
5OSV▶
CVE-2025-37743: In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Avoid memory leak while enabling statistics Driver uses monitor dest↗2025-05-01
GHSA▶
GHSA-v99v-6wp3-34rf: In the Linux kernel, the following vulnerability has been resolved:
wifi: ath12k: Avoid memory leak while enabling statistics
Driver uses monitor de↗2025-05-01