Linux Kernel Memory Leak Vulnerability in fbdev smscufx Driver

Vulnerability

A memory leak has been identified in the Linux kernel's fbdev smscufx driver. The error handling code in the 'ufx_usb_probe' function is flawed: memory allocated by the function is not freed on its error path, which leaves an unreferenced object behind. The issue was reported by syzkaller.

Impact

Exploitation of this vulnerability leads to a memory leak, where allocated memory is not properly released, causing increased memory usage and potential degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by loading the smscufx driver, which is part of the Linux kernel's framebuffer device (fbdev) subsystem. Once the driver is loaded, the 'ufx_usb_probe' function will be executed. Due to the improper error handling in this function, memory allocated for certain objects will not be freed, leading to a memory leak. This can be verified by monitoring the system's memory usage, which will show an increase due to the unfreed objects.
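One way to make the verification step concrete is to attribute leaked objects to the probe function rather than watching overall memory usage. The script below is an added example, not part of the original advisory or of the kernel project. It assumes a test kernel built with CONFIG_DEBUG_KMEMLEAK, whose report is read from /sys/kernel/debug/kmemleak; the sample report embedded in it is constructed.

```python
import re

# Constructed sample in the format kmemleak writes to /sys/kernel/debug/kmemleak.
# Addresses, sizes, offsets and "some_other_probe" are invented for illustration.
SAMPLE_REPORT = """\
unreferenced object 0xffff888012340000 (size 4096):
  comm "kworker/0:2", pid 57, jiffies 4294946170 (age 22.410s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000a1b2c3d4>] kmalloc_trace+0x22/0x60
    [<00000000b2c3d4e5>] ufx_usb_probe+0x11b/0x1a40
    [<00000000c3d4e5f6>] usb_probe_interface+0x2a0/0x7b0
unreferenced object 0xffff888012350000 (size 192):
  comm "kworker/0:2", pid 57, jiffies 4294946171 (age 22.409s)
  backtrace:
    [<00000000d4e5f6a7>] __kmalloc+0x4d/0x150
    [<00000000f6a7b8c9>] ufx_usb_probe+0x9c1/0x1a40
unreferenced object 0xffff888012360000 (size 64):
  comm "systemd-udevd", pid 210, jiffies 4294950000 (age 7.100s)
  backtrace:
    [<0000000011223344>] kmalloc_trace+0x22/0x60
    [<0000000022334455>] some_other_probe+0x40/0x200
"""

# Start of one leaked-object record; the size is in bytes.
HEADER = re.compile(r"^unreferenced object 0x[0-9a-f]+ \(size (\d+)\):")
# One backtrace frame; the bracketed address prefix is treated as optional.
FRAME = re.compile(r"^\s+(?:\[<[0-9a-f]+>\] )?([A-Za-z_][\w.]*)\+0x")


def leaks_by_function(report, func):
    """Return (object_count, total_bytes) for records whose backtrace contains func."""
    records = []  # one (size, frame_names) pair per unreferenced object
    for line in report.splitlines():
        header = HEADER.match(line)
        if header:
            records.append((int(header.group(1)), set()))
            continue
        frame = FRAME.match(line)
        if frame and records:
            records[-1][1].add(frame.group(1))
    sizes = [size for size, frames in records if func in frames]
    return len(sizes), sum(sizes)


if __name__ == "__main__":
    count, total = leaks_by_function(SAMPLE_REPORT, "ufx_usb_probe")
    print(f"{count} unreferenced objects, {total} bytes, via ufx_usb_probe")
```

On a test system, pass the function the contents of /sys/kernel/debug/kmemleak, read as root after writing "scan" to that file, in place of the sample.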

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 0.0
relevance: 0.0
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.