Linux Kernel Shared HCD Leakage Vulnerability in XHCI-MTK USB Controller

Vulnerability

A vulnerability in the Linux kernel's XHCI-MTK USB controller driver can leak the shared host controller driver (HCD) when the wakeup interrupt cannot be set. The shared HCD pointer must not be set to NULL before its usage count is decremented; when it is, the shared HCD is never properly released. The vulnerability affects several versions of the Linux kernel.
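The ordering problem behind this leak, shown as a user-space C model added here for illustration (it is not kernel source or the upstream patch). The names `hcd_create`, `hcd_put`, `live_hcds` and `probe_wakeup_fail` and the fixed-size pool are hypothetical, and the put helper is assumed to ignore a NULL pointer.

```c
/* User-space model of the probe error path; illustrative names, not kernel source. */
#include <stdio.h>
#define POOL_SIZE 4                      /* stand-in for finite kernel memory */
struct hcd { int refcount; };
static struct hcd pool[POOL_SIZE];       /* refcount == 0 means the slot is free */

static struct hcd *hcd_create(void)
{
    for (int i = 0; i < POOL_SIZE; i++)
        if (pool[i].refcount == 0) {
            pool[i].refcount = 1;        /* creator holds the only reference */
            return &pool[i];
        }
    return NULL;                         /* pool exhausted by earlier leaks */
}

/* Assumed behaviour of the put helper: NULL is ignored, last put frees the slot. */
static void hcd_put(struct hcd *h)
{
    if (h && h->refcount > 0)
        h->refcount--;
}

static int live_hcds(void)
{
    int n = 0;
    for (int i = 0; i < POOL_SIZE; i++)
        n += pool[i].refcount > 0;
    return n;
}

/* One failing probe: clear_before_put = 1 is the flawed unwind, 0 the corrected one.
 * Returns the objects leaked by this probe, or -1 if allocation failed. */
static int probe_wakeup_fail(int clear_before_put)
{
    int before = live_hcds();
    struct hcd *shared_hcd = hcd_create();
    if (!shared_hcd)
        return -1;
    if (clear_before_put)
        shared_hcd = NULL;               /* pointer lost, refcount still 1 */
    hcd_put(shared_hcd);                 /* no-op on NULL: reference never dropped */
    return live_hcds() - before;
}

int main(void)
{
    printf("flawed: %d fixed: %d\n", probe_wakeup_fail(1), probe_wakeup_fail(0));
    return 0;
}
```

In the model, each failed probe with the flawed ordering keeps one slot occupied until the pool is exhausted, which corresponds to the gradual memory growth described under Impact.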

Impact

The vulnerability can cause a memory leak by failing to release the shared host controller driver, which may lead to increased memory usage and potential degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by probing a platform device with the XHCI-MTK USB controller driver under conditions where setting the wakeup interrupt fails. The shared host controller driver is then not released, causing a memory leak.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. Instructions for upgrading the Linux kernel can be found in the official Linux documentation.

Added: Sep 15, 2025, 9:37 PM
Updated: Sep 15, 2025, 9:37 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 4.3
remediation: 7.7
relevance: 0.5
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.