Home

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: Fix memory leak after mt76_connac_mcu_alloc_sta_req() mt76_connac_mcu_alloc_sta_req() allocates an skb which is expected to be freed eventually by mt76_mcu_skb_send_msg(). However, currently if an intermediate function fails before sending, the allocated skb is leaked. Specifically, mt76_connac_mcu_sta_wed_update() and mt76_connac_mcu_sta_key_tlv() may fail, leading to an immediate memory leak in the error path. Fix this by explicitly freeing the skb in these error paths. Commit 7c0f63fe37a5 ("wifi: mt76: mt7996: fix memory leak on mt7996_mcu_sta_key_tlv error") made a similar change. Compile tested only. Issue found using a prototype static analysis tool and code review.

PUBLISHED Reserved 2026-06-09 | Published 2026-06-24 | Updated 2026-06-24 | Assigner Linux

Product status

Default status
unaffected

6683d988089ce0e80bd859a9493333b6b272420e (git) before eb466406d2094deefadc2cd6ddb4f6eeb086d1b4
affected

6683d988089ce0e80bd859a9493333b6b272420e (git) before c41075ce8cf05ed8c0e7b7efef000dce548ffc42
affected

Default status
affected

5.18
affected

Any version before 5.18
unaffected

7.0.10 (semver)
unaffected

7.1 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/eb466406d2094deefadc2cd6ddb4f6eeb086d1b4

git.kernel.org/...c/c41075ce8cf05ed8c0e7b7efef000dce548ffc42

cve.org (CVE-2026-53102)

nvd.nist.gov (CVE-2026-53102)

Download JSON