SB2025122666 - Memory leak in Linux kernel ath ath9k driver
Published: December 26, 2025 Updated: December 31, 2025
Security Bulletin ID
SB2025122666
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2022-50740)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ath9k_hif_usb_dealloc_tx_urbs() function in drivers/net/wireless/ath/ath9k/hif_usb.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/08aa0537ec8cf29ceccae98acc1a534fc12598c1
- https://git.kernel.org/stable/c/134ae5eba41294eff76e4be20d6001b8f0192207
- https://git.kernel.org/stable/c/472312fef2b9eccaa03bd59e0ab2527da945e736
- https://git.kernel.org/stable/c/9850791d389b342ae6e573fe8198db0b4d338352
- https://git.kernel.org/stable/c/c05189a429fdb371dd455c3c466d67ac2ebff152
- https://git.kernel.org/stable/c/c2a94de38c74e86f49124ac14f093d6a5c377a90
- https://git.kernel.org/stable/c/c3fb3e9a2c0c1a0fa492d90eb19bcfa92a5f884d
- https://git.kernel.org/stable/c/d856f7574bcc1d81de565a857caf32f122cd7ce0
- https://git.kernel.org/stable/c/eddbb8f7620f9f8008b090a6e10c460074ca575a
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.270