Linux Kernel Memory Leak Vulnerability in SunRPC Module

Vulnerability

A vulnerability in the Linux kernel's SunRPC module could lead to memory leaks. The issue arises in the `rpc_sysfs_xprt_state_change()` function, where error handling paths may cause reference count leaks. Specifically, when the function fails to retrieve the `xprt` object, it returns 0 without decreasing the reference count of the `xps` object, which can lead to memory being improperly released. Additionally, the function does not validate the `xps` object before use, potentially causing NULL dereference errors. The vulnerability has been addressed by improving error handling to check for NULL values in `xprt` and `xps`.

Impact

The vulnerability can cause memory leaks, which may lead to increased memory usage and potential exhaustion of system resources.

Added: Jun 18, 2025, 7:07 PM

Updated: Jun 18, 2025, 7:07 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Memory Leak Vulnerability in SunRPC Module

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating