Memory Leak Vulnerability in Linux Kernel Affecting Ath11k Firmware Statistics
CVE-2023-53602
What is CVE-2023-53602?
The ath11k driver in the Linux kernel has a memory leak in the retrieval and management of firmware statistics. Specifically, memory allocated for statistics related to physical devices, virtual devices, and beacon notifications is not released when the module is removed (rmmod). If not addressed, this can result in resource exhaustion over time. The vulnerability has been resolved by ensuring that the ath11k_fw_stats_free() function is called before the hardware is unregistered, which prevents the leak and improves system stability.
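The ordering problem described above, as an added userspace model (not code from the kernel or the ath11k driver): three lists of statistics records are either drained before the simulated hardware unregister or left allocated. Every name except the role of ath11k_fw_stats_free() is hypothetical, and the list layout is an assumption made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>

/* Userspace model only; names and layout are hypothetical, not ath11k's. */
enum { PDEV, VDEV, BCN, NKINDS };   /* the three statistics kinds named above */
struct stat_node { struct stat_node *next; };
struct fw_stats { struct stat_node *lists[NKINDS]; };
static long live_allocs;            /* records currently allocated */

/* Simulate firmware statistics events: queue n records on each list. */
static int populate(struct fw_stats *s, int n)
{
    for (int k = 0; k < NKINDS; k++)
        for (int i = 0; i < n; i++) {
            struct stat_node *node = malloc(sizeof(*node));
            if (!node)
                return -1;
            node->next = s->lists[k];
            s->lists[k] = node;
            live_allocs++;
        }
    return 0;
}

/* Stand-in for the role of ath11k_fw_stats_free(): drain every list. */
static void stats_free(struct fw_stats *s)
{
    for (int k = 0; k < NKINDS; k++)
        while (s->lists[k]) {
            struct stat_node *node = s->lists[k];
            s->lists[k] = node->next;
            free(node);
            live_allocs--;
        }
}

/* Model of module removal; returns records still allocated afterwards. */
static long teardown(struct fw_stats *s, int free_before_unregister)
{
    if (free_before_unregister)
        stats_free(s);              /* ordering used by the fix */
    /* simulated hardware unregister: the model frees nothing after this */
    return live_allocs;
}

int main(void)
{
    struct fw_stats s = { { 0 } };
    if (populate(&s, 2))
        return 1;
    printf("leaky teardown: %ld records left\n", teardown(&s, 0));
    printf("fixed teardown: %ld records left\n", teardown(&s, 1));
    return 0;
}
```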
Affected Version(s)
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 86f9330a49d1464849482298dd34d361859183eb
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 55248d36beb79d3a61c9fb3122dc377fff523c89
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 6aafa1c2d3e3fea2ebe84c018003f2a91722e607