EUVD-2025-32267

| CVE-2023-53602 MEDIUM
2025-10-04 416baaa9-dc9f-4396-8d5f-8c081fb06d67
5.5
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

4
Patch Released
Mar 23, 2026 - 18:24 nvd
Patch available
Analysis Generated
Mar 13, 2026 - 19:56 vuln.today
EUVD ID Assigned
Mar 13, 2026 - 19:56 euvd
EUVD-2025-32267
CVE Published
Oct 04, 2025 - 16:15 nvd
MEDIUM 5.5

Tags

Information Disclosure Linux Redhat Suse Linux Kernel

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix memory leak in WMI firmware stats Memory allocated for firmware pdev, vdev and beacon statistics are not released during rmmod. Fix it by calling ath11k_fw_stats_free() function before hardware unregister. While at it, avoid calling ath11k_fw_stats_free() while processing the firmware stats received in the WMI event because the local list is getting spliced and reinitialised and hence there are no elements in the list after splicing. Tested-on: QCN9074 hw1.0 PCI WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1

Analysis

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix memory leak in WMI firmware stats Memory allocated for firmware pdev, vdev and beacon statistics are not released during rmmod.

Technical Context

This vulnerability is classified as Memory Leak (CWE-401).

Affected Products

Affected products: Linux Linux Kernel

Remediation

A vendor patch is available. Apply it as soon as possible and verify the fix.

Priority Score

28
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +28
POC: 0

Vendor Status

Share

EUVD-2025-32267 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy