Impact
An unreferenced kernel memory object remains allocated when a 6 GHz Wi‑Fi scan fails. The rdev->int_scan_req structure is never freed because the cleanup path is bypassed, causing a memory leak that progressively consumes system RAM and can degrade kernel responsiveness.
Affected Systems
All Linux kernel builds that include the affected wireless driver code prior to the patch, across all vendor distributions using the upstream kernel. The issue is a Linux kernel bug, not tied to a specific distribution package.
Risk and Exploitability
The flaw resides in a driver‑level memory allocation path and does not enable credential elevation or code execution. The vulnerability has a CVSS score of 5.5, indicating medium severity. The EPSS score is < 1% and the vulnerability is not listed in the CISA KEV catalog. Although exploitation is unlikely to be public, repeated failures could lead to memory exhaustion and disrupt kernel operations.
OpenCVE Enrichment