CVE-2025-37743

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 01/05/2025
Last modified: 05/11/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

wifi: ath12k: Avoid memory leak while enabling statistics

Driver uses monitor destination rings for extended statistics mode and standalone monitor mode. In extended statistics mode, TLVs are parsed from the buffer received from the monitor destination ring and assigned to the ppdu_info structure to update per-packet statistics. In standalone monitor mode, along with per-packet statistics, the packet data (payload) is captured, and the driver updates per MSDU to mac80211.

When the AP interface is enabled, only extended statistics mode is activated. As part of enabling monitor rings for collecting statistics, the driver subscribes to HAL_RX_MPDU_START TLV in the filter configuration. This TLV is received from the monitor destination ring, and kzalloc for the mon_mpdu object occurs, which is not freed, leading to a memory leak. The kzalloc for the mon_mpdu object is only required while enabling the standalone monitor interface. This causes a memory leak while enabling extended statistics mode in the driver.

Fix this memory leak by removing the kzalloc for the mon_mpdu object in the HAL_RX_MPDU_START TLV handling. Additionally, remove the standalone monitor mode handlings in the HAL_MON_BUF_ADDR and HAL_RX_MSDU_END TLVs. These TLV tags will be handled properly when enabling standalone monitor mode in the future.

Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1
Tested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3
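
The leak pattern described above, as an added user-space model that is not code from the ath12k driver: an object is allocated on every MPDU-start TLV, but only one mode ever releases it. All type and function names are hypothetical, and the release on MPDU end in standalone monitor mode is an assumption made to show the contrast.

```c
#include <stdio.h>
#include <stdlib.h>

/* User-space model with hypothetical names; not ath12k source. */
enum tlv_tag { TLV_MPDU_START, TLV_MSDU_END, TLV_MPDU_END };
enum mon_mode { MODE_EXT_STATS, MODE_STANDALONE_MONITOR };
struct mon_mpdu { unsigned char payload[64]; };
struct parser {
    enum mon_mode mode;
    int alloc_on_mpdu_start;  /* 1 = before the fix, 0 = after */
    struct mon_mpdu *cur;     /* per-MPDU capture object */
    unsigned mpdu_stats;      /* stands in for ppdu_info counters */
    long live;                /* objects allocated and not freed */
};

static void handle_tlv(struct parser *p, enum tlv_tag tag)
{
    if (tag == TLV_MPDU_START) {
        p->mpdu_stats++;      /* statistics need no allocation */
        if (p->alloc_on_mpdu_start) {
            /* Overwrites cur: an unconsumed object becomes unreachable. */
            p->cur = calloc(1, sizeof(*p->cur));
            p->live += (p->cur != NULL);
        }
    } else if (tag == TLV_MPDU_END && p->mode == MODE_STANDALONE_MONITOR && p->cur) {
        /* Assumption: only the standalone monitor path frees the object. */
        free(p->cur);
        p->cur = NULL;
        p->live--;
    }
}

/* Parse n constructed MPDUs; return how many objects were never freed. */
long leaked_after(enum mon_mode mode, int alloc_on_mpdu_start, int n)
{
    static const enum tlv_tag mpdu[] = { TLV_MPDU_START, TLV_MSDU_END, TLV_MPDU_END };
    struct parser p = { mode, alloc_on_mpdu_start, NULL, 0, 0 };
    for (int i = 0; i < n * 3; i++)
        handle_tlv(&p, mpdu[i % 3]);
    return p.live;
}

int main(void)
{
    printf("ext stats leaked objects, pre-fix: %ld, post-fix: %ld\n",
           leaked_after(MODE_EXT_STATS, 1, 100), leaked_after(MODE_EXT_STATS, 0, 100));
    return 0;
}
```

In the model the leak grows by one object per MPDU in extended statistics mode, which is why removing the allocation from the MPDU-start handler is sufficient there.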

Vulnerable products and versions

CPE | From | Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.3 (including) | 6.14.3 (excluding)