Fedor Pchelkin [off-list ref] writes:

Syzkaller detected a memory leak of skbs in ath9k_hif_usb_rx_stream().
While processing skbs in ath9k_hif_usb_rx_stream(), the already allocated
skbs in skb_pool are not freed if ath9k_hif_usb_rx_stream() fails. If we
have an incorrect pkt_len or pkt_tag, the skb is dropped and all the
associated skb_pool buffers should be cleaned, too.

Found by Linux Verification Center (linuxtesting.org) with Syzkaller.

Fixes: 6ce708f54cc8 ("ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream")
Fixes: 44b23b488d44 ("ath9k: hif_usb: Reduce indent 1 column")
Signed-off-by: Fedor Pchelkin <redacted>
Signed-off-by: Alexey Khoroshilov <redacted>

Is this the same issue reported in
https://lore.kernel.org/r/000000000000f3e5f805f133d3f7@google.com (local) ?

If so, could you please tag the patch appropriately?

-Toke