CVE-2025-68765 - Vulnerability Details

- mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add()

Description

In the Linux kernel, the following vulnerability has been resolved:

mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add()

In mt7615_mcu_wtbl_sta_add(), an skb sskb is allocated. If the
subsequent call to mt76_connac_mcu_alloc_wtbl_req() fails, the function
returns an error without freeing sskb, leading to a memory leak.

Fix this by calling dev_kfree_skb() on sskb in the error handling path
to ensure it is properly released.

Published: 2026-01-05

Score: n/a

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`99c457d902cf90bdc0df5d57e6156ec108711068`	affected	< d6c91fc732698642f70c688324c98551b97b412c
`99c457d902cf90bdc0df5d57e6156ec108711068`	affected	< 594ff8bb69e239678a8baa461827ce4bb90eff8f
`99c457d902cf90bdc0df5d57e6156ec108711068`	affected	< 1c3c234af9407256ed670c8752923a672eea4225
`99c457d902cf90bdc0df5d57e6156ec108711068`	affected	< 278bfed4529a0c9c9119f5a52ddafe69db61a75c
`99c457d902cf90bdc0df5d57e6156ec108711068`	affected	< fb905e69941b44e03fe1a24e95328d45442b6d6d
`99c457d902cf90bdc0df5d57e6156ec108711068`	affected	< 4d42aba0ee49c0aa015c50c4f2a07cf8fa1c3a49
`99c457d902cf90bdc0df5d57e6156ec108711068`	affected	< 53d1548612670aa8b5d89745116cc33d9d172863

Linux

affected

Version	Status	Constraints
`5.7`	affected	—
`0`	unaffected	< 5.7
`5.15.198`	unaffected	≤ 5.15.*
`6.1.160`	unaffected	≤ 6.1.*
`6.6.120`	unaffected	≤ 6.6.*
`6.12.63`	unaffected	≤ 6.12.*
`6.17.13`	unaffected	≤ 6.17.*
`6.18.2`	unaffected	≤ 6.18.*
`6.19`	unaffected	≤ *

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
Debian DLA	DLA-4476-1	linux-6.1 security update
Debian DSA	DSA-6127-1	linux security update
Ubuntu USN	USN-8094-1	Linux kernel vulnerabilities
Ubuntu USN	USN-8096-1	Linux kernel vulnerabilities
Ubuntu USN	USN-8096-2	Linux kernel (FIPS) vulnerabilities
Ubuntu USN	USN-8094-2	Linux kernel vulnerabilities
Ubuntu USN	USN-8096-3	Linux kernel vulnerabilities
Ubuntu USN	USN-8096-4	Linux kernel (Real-time) vulnerabilities
Ubuntu USN	USN-8096-5	Linux kernel (NVIDIA Tegra IGX) vulnerabilities
Ubuntu USN	USN-8116-1	Linux kernel (Intel IoTG Real-time) vulnerabilities
Ubuntu USN	USN-8094-3	Linux kernel (Real-time) vulnerabilities
Ubuntu USN	USN-8094-4	Linux kernel (Azure) vulnerabilities
Ubuntu USN	USN-8094-5	Linux kernel (Raspberry Pi) vulnerabilities
Ubuntu USN	USN-8141-1	Linux kernel (Raspberry Pi) vulnerabilities
Ubuntu USN	USN-8152-1	Linux kernel (OEM) vulnerabilities
Ubuntu USN	USN-8163-1	Linux kernel (Azure FIPS) vulnerabilities
Ubuntu USN	USN-8163-2	Linux kernel (Azure) vulnerabilities
Ubuntu USN	USN-8179-1	Linux kernel vulnerabilities
Ubuntu USN	USN-8184-1	Linux kernel (Real-time) vulnerabilities
Ubuntu USN	USN-8179-2	Linux kernel (FIPS) vulnerabilities
Ubuntu USN	USN-8185-1	Linux kernel (NVIDIA) vulnerabilities
Ubuntu USN	USN-8179-3	Linux kernel vulnerabilities
Ubuntu USN	USN-8203-1	Linux kernel (Oracle) vulnerabilities
Ubuntu USN	USN-8204-1	Linux kernel (Raspberry Pi Real-time) vulnerabilities
Ubuntu USN	USN-8185-2	Linux kernel (Low Latency NVIDIA) vulnerabilities
Ubuntu USN	USN-8179-4	Linux kernel (GCP) vulnerabilities
Ubuntu USN	USN-8243-1	Linux kernel (Azure) vulnerabilities
Ubuntu USN	USN-8258-1	Linux kernel (Azure) vulnerabilities
Ubuntu USN	USN-8260-1	Linux kernel (Azure FIPS) vulnerabilities
Ubuntu USN	USN-8261-1	Linux kernel (Xilinx) vulnerabilities
Ubuntu USN	USN-8265-1	Linux kernel (NVIDIA Tegra) vulnerabilities

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00068.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/1c3c234af9407256ed670c8752923a672eea4225
https://git.kernel.org/stable/c/278bfed4529a0c9c9119f5a52ddafe69db61a75c
https://git.kernel.org/stable/c/4d42aba0ee49c0aa015c50c4f2a07cf8fa1c3a49
https://git.kernel.org/stable/c/53d1548612670aa8b5d89745116cc33d9d172863
https://git.kernel.org/stable/c/594ff8bb69e239678a8baa461827ce4bb90eff8f
https://git.kernel.org/stable/c/d6c91fc732698642f70c688324c98551b97b412c
https://git.kernel.org/stable/c/fb905e69941b44e03fe1a24e95328d45442b6d6d
https://lore.kernel.org/linux-cve-announce/2026010519-CVE-2025-68765-7c16@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2025-68765
https://www.cve.org/CVERecord?id=CVE-2025-68765

History

Mon, 19 Jan 2026 12:45:00 +0000

Type	Values Removed	Values Added
References		https://git.kernel.org/stable/c/d6c91fc732698642f70c688324c98551b97b412c

Sun, 11 Jan 2026 16:45:00 +0000

Type	Values Removed	Values Added
References		https://git.kernel.org/stable/c/1c3c234af9407256ed670c8752923a672eea4225 https://git.kernel.org/stable/c/594ff8bb69e239678a8baa461827ce4bb90eff8f

Tue, 06 Jan 2026 00:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2026010519-CVE-2025-68765-7c16@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2025-68765 https://www.cve.org/CVERecord?id=CVE-2025-68765

Mon, 05 Jan 2026 10:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add() In mt7615_mcu_wtbl_sta_add(), an skb sskb is allocated. If the subsequent call to mt76_connac_mcu_alloc_wtbl_req() fails, the function returns an error without freeing sskb, leading to a memory leak. Fix this by calling dev_kfree_skb() on sskb in the error handling path to ensure it is properly released.
Title		mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add()
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/278bfed4529a0c9c9119f5a52ddafe69db61a75c https://git.kernel.org/stable/c/4d42aba0ee49c0aa015c50c4f2a07cf8fa1c3a49 https://git.kernel.org/stable/c/53d1548612670aa8b5d89745116cc33d9d172863 https://git.kernel.org/stable/c/fb905e69941b44e03fe1a24e95328d45442b6d6d

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-01-05T09:44:13.242Z

Updated: 2026-05-11T21:52:55.118Z

Reserved: 2025-12-24T10:30:51.034Z

Link: CVE-2025-68765

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2026-01-05T10:15:57.697

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-68765

Redhat

Severity :

Publid Date: 2026-01-05T00:00:00Z

Links: CVE-2025-68765 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

No weakness.

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object