Linux Kernel JFFS2 Filesystem Memory Leak Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's JFFS2 filesystem implementation. The issue arises in the 'jffs2_do_mount_fs' function, where resources allocated during the filesystem initialization are not properly released. This oversight leads to unreferenced objects remaining in memory, as reported by the kernel's memory leak detector. The problem can be traced back to the 'jffs2_sum_init' function, which allocates resources that are not freed, causing a memory leak when 'jffs2_build_filesystem' returns an error. The unreferenced objects include a 64-byte and a 64-kilobyte allocation, both associated with the 'mount' command.

Impact

Exploitation of this vulnerability leads to a memory leak, where allocated resources are not released, potentially causing increased memory usage and degradation of system performance over time.

Remediation

The vulnerability can be addressed by modifying the JFFS2 filesystem code to ensure that all allocated resources are properly released. This involves calling the 'jffs2_sum_exit' function to free the resources allocated by 'jffs2_sum_init'.