In the Linux ath12k Wi‑Fi driver, dma_alloc_coherent allocates a DMA buffer and stores the returned addresses in unaligned fields. However, the code that frees the buffer mistakenly uses the aligned addresses stored elsewhere instead of the original unaligned pointer. This misuse of dma_free_coherent can corrupt kernel memory when the kernel deallocates memory that is still in use. The vulnerability, reflected in a CVSS score of 5.5, poses a moderate risk of kernel instability or crash.

All Linux kernel releases that ship the vulnerable ath12k driver code and have not applied the patch, particularly the 6.19 release‑candidate series up to rc6 and any earlier kernels that include the same code. Any distribution incorporating these kernels, whether as stock releases or as part of a maintenance update, is potentially affected unless upgraded to an image containing the fix.

The EPSS score is below 1% and the vulnerability is not listed in the CISA KEV catalog, indicating a low likelihood of exploitation. Based on the description, it is inferred that an attacker would need privileged or local access to the host and the ability to trigger the ath12k driver, for example by sending crafted wireless traffic or manually loading the driver. The impact is limited to kernel memory corruption and potential denial of service; no direct evidence of remote code execution is provided.