CVE-2026-53102

ANALYSIS PENDING

wifi: mt76: Fix memory leak after mt76_connac_mcu_alloc_sta_req()

Title source: cna
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: Fix memory leak after mt76_connac_mcu_alloc_sta_req() mt76_connac_mcu_alloc_sta_req() allocates an skb which is expected to be freed eventually by mt76_mcu_skb_send_msg(). However, currently if an intermediate function fails before sending, the allocated skb is leaked. Specifically, mt76_connac_mcu_sta_wed_update() and mt76_connac_mcu_sta_key_tlv() may fail, leading to an immediate memory leak in the error path. Fix this by explicitly freeing the skb in these error paths. Commit 7c0f63fe37a5 ("wifi: mt76: mt7996: fix memory leak on mt7996_mcu_sta_key_tlv error") made a similar change. Compile tested only. Issue found using a prototype static analysis tool and code review.

Scores

EPSS 0.0016
EPSS Percentile 5.2%

Details

Status published
Products (7)
linux/Kernel 5.18.0 - 7.0.10linux
Linux/Linux < 5.18
Linux/Linux 5.18
Linux/Linux 6683d988089ce0e80bd859a9493333b6b272420e - c41075ce8cf05ed8c0e7b7efef000dce548ffc42
Linux/Linux 6683d988089ce0e80bd859a9493333b6b272420e - eb466406d2094deefadc2cd6ddb4f6eeb086d1b4
Linux/Linux 7.0.10 - 7.0.*
Linux/Linux 7.1
Published Jun 24, 2026
Tracked Since Jun 24, 2026