Linux Kernel mISDN Memory Leak Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's mISDN subsystem. The issue arises in the mISDN_register_device() function, where the device name is dynamically allocated. Following a recent change to eliminate the bus_id string array from the device structure, the reference to the device name is not properly released. This oversight can lead to a memory leak, as the name remains allocated and is only freed when the reference count drops to zero. The vulnerability has been addressed by adding a put_device() call to release the reference, allowing the name to be freed during the kobject_cleanup() process. The device class is now set before the put_device() call to prevent releasing a null reference, which would trigger a warning in the device_release() function.

Impact

Exploitation of this vulnerability could lead to a memory leak, where allocated memory is not properly released, potentially causing increased memory usage and degradation of system performance over time.