CVE Catalog

CVE-2026-53102

Unknown
Published: Translated: NVD NIST

Summary

A vulnerability has been identified in the Linux kernel related to a memory leak in the mt76_connac_mcu_alloc_sta_req() function. If intermediate functions fail, the allocated memory is not freed, leading to a leak.

Risk Assessment

Memory leaks can lead to increased resource consumption, which may affect the stability and performance of the system in the long run.

Recommendation

It is recommended to update the Linux kernel to the latest version to mitigate this vulnerability and to monitor the system for abnormal memory usage.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: Fix memory leak after mt76_connac_mcu_alloc_sta_req() mt76_connac_mcu_alloc_sta_req() allocates an skb which is expected to be freed eventually by mt76_mcu_skb_send_msg(). However, currently if an intermediate function fails before sending, the allocated skb is leaked. Specifically, mt76_connac_mcu_sta_wed_update() and mt76_connac_mcu_sta_key_tlv() may fail, leading to an immediate memory leak in the error path. Fix this by explicitly freeing the skb in these error paths. Commit 7c0f63fe37a5 ("wifi: mt76: mt7996: fix memory leak on mt7996_mcu_sta_key_tlv error") made a similar change. Compile tested only. Issue found using a prototype static analysis tool and code review.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS