Description
In the Linux kernel, the following vulnerability has been resolved:

wifi: mt76: Fix memory leak destroying device

All MT76 rx queues have an associated page_pool even if the queue is not
associated to a NAPI (e.g. WED RRO queues with WED enabled). Destroy the
page_pool running mt76_dma_cleanup routine during module unload.
Moreover returns pages to the page pool if WED is not enabled for WED RRO
queues.
Published: 2026-06-24
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The Linux kernel contains a memory leak in the mt76 Wi‑Fi driver. Each receive queue maintains a page_pool even when it is not used for NAPI, such as certain WED RRO queues. When the module unloads, these page_pools are not destroyed, causing pages to remain allocated and the system’s free memory to shrink over time until the device is removed or the kernel becomes unstable.

Affected Systems

Any Linux kernel that compiles and loads the mt76 driver is affected. Neither the vendor nor the product scope is narrowed to a version, and no specific kernel release is mentioned. Systems that use a configuration including the mt76 module may experience the leak.

Risk and Exploitability

The CVSS score is 5.5 and the EPSS score is less than 1%, with no listing in CISA's KEV catalog. The likely attack vector is local, inferred from the requirement to unload the driver module; the vulnerability does not provide remote code execution or privilege escalation. Consequently, the risk of exploitation is low, and the impact remains confined to memory availability and device stability.

Generated by OpenCVE AI on June 27, 2026 at 04:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest kernel update that contains the mt76 memory‑leak fix, or merge the commit history shown in the references into your source tree and rebuild the kernel.
  • Ensure the updated kernel or patched module is configured to load during system startup, and that any previously loaded mt76 modules are replaced.
  • Reboot the system to unload and reload the driver, verifying that no new memory leaks are reported after the patch.

Generated by OpenCVE AI on June 27, 2026 at 04:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sat, 27 Jun 2026 03:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Sat, 27 Jun 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-772
References
Metrics threat_severity

None

cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Low


Wed, 24 Jun 2026 21:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Wed, 24 Jun 2026 17:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: Fix memory leak destroying device All MT76 rx queues have an associated page_pool even if the queue is not associated to a NAPI (e.g. WED RRO queues with WED enabled). Destroy the page_pool running mt76_dma_cleanup routine during module unload. Moreover returns pages to the page pool if WED is not enabled for WED RRO queues.
Title wifi: mt76: Fix memory leak destroying device
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-24T16:30:39.844Z

Reserved: 2026-06-09T07:44:35.385Z

Link: CVE-2026-53104

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

Severity : Low

Publid Date: 2026-06-24T00:00:00Z

Links: CVE-2026-53104 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-27T04:30:11Z

Weaknesses
  • CWE-772

    Missing Release of Resource after Effective Lifetime