CVE-2025-68759
Description
In the Linux kernel, the following vulnerability has been resolved:
wifi: rtl818x: Fix potential memory leaks in rtl8180_init_rx_ring()
In rtl8180_init_rx_ring(), memory is allocated for skb packets and DMA allocations in a loop. When an allocation fails, the previously successful allocations are not freed on exit.
Fix that by jumping to err_free_rings label on error, which calls rtl8180_free_rx_ring() to free the allocations. Remove the free of rx_ring in rtl8180_init_rx_ring() error path, and set the freed priv->rx_buf entry to null, to avoid double free.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A memory leak in the Linux kernel's rtl8180 Wi-Fi driver (rtl818x) occurs when rx ring initialization fails, potentially leading to resource exhaustion.
A vulnerability in the Linux kernel's rtl818x wireless driver (rtl8180_init_rx_ring()) can result in a memory leak. During the initialization of the receive ring, memory is allocated for socket buffers (skb) and DMA mappings in a loop. If an allocation fails, the previously successful allocations are not freed, so that memory is never reclaimed [1].
The bug is triggered when an error occurs during the allocation loop, for example due to memory pressure or resource constraints. A local attacker with the ability to trigger driver initialization (e.g., by loading/unloading the module or bringing the interface up) could repeatedly cause allocation failures, leading to accumulation of leaked memory [1].
The impact is potential memory exhaustion, which can result in a denial of service (system hang or crash). The vulnerability does not allow code execution or privilege escalation.
The issue was fixed in the Linux kernel by redirecting the error path to the existing rtl8180_free_rx_ring() function, which properly frees all previously allocated resources. Additionally, the freed entry in priv->rx_buf is set to NULL to prevent a double free. Patches have been applied to stable kernels [1][2][3].
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
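The leak and its fix, reduced to a userspace C model as an added example (not the kernel's code and not part of the original page): malloc stands in for the skb and DMA allocations, and a step counter injects a failure at a chosen point. The names `fault`, `xalloc`, `xfree`, `leaked_after` and the ring size `N` are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define N 4                      /* constructed ring size, not the driver's */
struct priv { void *rx_ring; void *rx_buf[N]; };
static int live, step, fail_at;  /* outstanding allocations; fault injection */

static int fault(void) { return ++step == fail_at; }
static void *xalloc(void) { void *m = fault() ? NULL : malloc(16); if (m) live++; return m; }
static void xfree(void *p) { if (p) { live--; free(p); } }

/* Stand-in for rtl8180_free_rx_ring(): frees every non-NULL entry, then the ring. */
static void free_rx_ring(struct priv *p) {
    for (int i = 0; i < N; i++) { xfree(p->rx_buf[i]); p->rx_buf[i] = NULL; }
    xfree(p->rx_ring); p->rx_ring = NULL;
}

/* fixed == 0 models the old error path, fixed == 1 the patched one. */
static int init_rx_ring(struct priv *p, int fixed) {
    if (!(p->rx_ring = xalloc())) return -1;
    for (int i = 0; i < N; i++) {
        if (!(p->rx_buf[i] = xalloc())) goto err;   /* buffer allocation failed */
        if (fault()) {                              /* mapping step failed */
            xfree(p->rx_buf[i]);
            if (fixed) p->rx_buf[i] = NULL;         /* caller's unwind must skip it */
            goto err;
        }
    }
    return 0;
err:
    if (!fixed) { xfree(p->rx_ring); p->rx_ring = NULL; } /* old path: ring only */
    return -1;
}

/* Allocations still outstanding after a start attempt that fails at step `fail`. */
static int leaked_after(int fixed, int fail) {
    struct priv p;
    memset(&p, 0, sizeof p);
    live = 0; step = 0; fail_at = fail;
    int ret = init_rx_ring(&p, fixed);
    if (ret == 0 || fixed) free_rx_ring(&p);        /* teardown, or err_free_rings */
    return live;
}

int main(void) {
    for (int f = 1; f <= 2 * N + 1; f++)
        printf("fail@%d old=%d fixed=%d\n", f, leaked_after(0, f), leaked_after(1, f));
    return 0;
}
```

In the old path every failure after the first ring entry leaves earlier buffers allocated, and the count grows with how far the loop got; the patched path returns to zero at every failure point.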
References
- git.kernel.org/stable/c/3677c01891fb0239361e444afee8398868e34bdf (NVD)
- git.kernel.org/stable/c/89caaeee8dd95fae8bb4f4964e6fe3ca688500c4 (NVD)
- git.kernel.org/stable/c/9b5b9c042b30befc5b37e4539ace95af70843473 (NVD)
- git.kernel.org/stable/c/a4fb7cca9837378878e6c94d9e7af019c8fdfcdb (NVD)
- git.kernel.org/stable/c/a813a74570212cb5f3a7d3b05c0cb0cd00bace1d (NVD)
- git.kernel.org/stable/c/bf8513dfa31ea015c9cf415796dca2113d293840 (NVD)
- git.kernel.org/stable/c/c9d1c4152e6d32fa74034464854bee262a60bc43 (NVD)
- git.kernel.org/stable/c/ee7db11742b30641f21306105ad27a275e3c61d7 (NVD)