CVE-2025-68765
Description
In the Linux kernel, the following vulnerability has been resolved:
mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add()
In mt7615_mcu_wtbl_sta_add(), an skb sskb is allocated. If the subsequent call to mt76_connac_mcu_alloc_wtbl_req() fails, the function returns an error without freeing sskb, leading to a memory leak.
Fix this by calling dev_kfree_skb() on sskb in the error handling path to ensure it is properly released.
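The error path described above, as an added example that is not the driver's code: a userspace C model in which a counter stands in for outstanding skbs, showing the pre-fix and fixed behaviour side by side. All function and variable names except `sskb` are hypothetical, and a NULL return stands in for the error returned by mt76_connac_mcu_alloc_wtbl_req().

```c
/* Userspace model only: every name here is a hypothetical stand-in, not kernel code. */
#include <stdio.h>
#include <stdlib.h>

static int live_bufs;      /* buffers allocated and not yet freed */
static int fail_wtbl_req;  /* constructed fault injection for the second allocation */

struct buf { char data[64]; };

static struct buf *buf_alloc(void) {
    struct buf *b = malloc(sizeof(*b));
    if (b) live_bufs++;
    return b;
}
static void buf_free(struct buf *b) { if (b) { free(b); live_bufs--; } }

/* Models mt76_connac_mcu_alloc_wtbl_req(); NULL stands for its error return. */
static struct buf *wtbl_req_alloc(void) { return fail_wtbl_req ? NULL : buf_alloc(); }

/* Shared body: free_on_error = 0 is the pre-fix behaviour, 1 the fixed one. */
static int sta_add(int free_on_error) {
    struct buf *sskb = buf_alloc();
    if (!sskb) return -1;
    struct buf *wskb = wtbl_req_alloc();
    if (!wskb) {
        if (free_on_error) buf_free(sskb);  /* the fix: dev_kfree_skb(sskb) in the driver */
        return -1;                          /* pre-fix: sskb is still allocated here */
    }
    buf_free(wskb);  /* success path: model both buffers being consumed */
    buf_free(sskb);
    return 0;
}
static int sta_add_leaky(void) { return sta_add(0); }
static int sta_add_fixed(void) { return sta_add(1); }

/* Call fn n times with the second allocation failing; return buffers left outstanding. */
static int leaked_after(int (*fn)(void), int n) {
    int before = live_bufs;
    fail_wtbl_req = 1;
    for (int i = 0; i < n; i++) fn();
    fail_wtbl_req = 0;
    return live_bufs - before;
}

int main(void) {
    printf("pre-fix: %d buffers outstanding\n", leaked_after(sta_add_leaky, 1000));
    printf("fixed:   %d buffers outstanding\n", leaked_after(sta_add_fixed, 1000));
    return 0;
}
```

Each failed call in the pre-fix variant leaves exactly one buffer outstanding, which is why the leak only grows when the second allocation fails repeatedly.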
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A memory leak in mt7615_mcu_wtbl_sta_add() of the Linux kernel's mt76 driver can exhaust system memory, fixed by adding a missing skb free.
Vulnerability
In the Linux kernel's mt76 wireless driver, the function mt7615_mcu_wtbl_sta_add() allocates a socket buffer (skb) via dev_alloc_skb(). If the subsequent call to mt76_connac_mcu_alloc_wtbl_req() fails, the function returns an error without freeing the allocated skb, causing a memory leak [1].
Exploitation
An attacker with local access or the ability to trigger the vulnerable code path (e.g., by adding a station to the MT7615 wireless device) can repeatedly cause the allocation failure, leading to gradual memory exhaustion. The leak is triggered when mt76_connac_mcu_alloc_wtbl_req() returns an error, which may occur under resource pressure or due to invalid parameters.
Impact
Repeated exploitation can exhaust kernel memory, potentially leading to denial of service (system hang or crash). The leak itself provides no privilege escalation or access to data.
Mitigation
The fix, committed to the Linux kernel stable tree, adds a dev_kfree_skb() call in the error path to release the skb before returning [1]. Users should apply the patch or update to a kernel version containing the fix.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
References
- git.kernel.org/stable/c/1c3c234af9407256ed670c8752923a672eea4225 (nvd)
- git.kernel.org/stable/c/278bfed4529a0c9c9119f5a52ddafe69db61a75c (nvd)
- git.kernel.org/stable/c/4d42aba0ee49c0aa015c50c4f2a07cf8fa1c3a49 (nvd)
- git.kernel.org/stable/c/53d1548612670aa8b5d89745116cc33d9d172863 (nvd)
- git.kernel.org/stable/c/594ff8bb69e239678a8baa461827ce4bb90eff8f (nvd)
- git.kernel.org/stable/c/d6c91fc732698642f70c688324c98551b97b412c (nvd)
- git.kernel.org/stable/c/fb905e69941b44e03fe1a24e95328d45442b6d6d (nvd)