Linux Kernel IPC Memory Leak Vulnerability in Message Queue Initialization

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's inter-process communication (IPC) subsystem, specifically within the message queue (mqueue) initialization process. When the function 'setup_mq_sysctls()' fails during the 'init_mqueue_fs()' execution, the 'mqueue_inode_cachep' is not properly released, leading to a memory leak. This issue has been addressed by reordering the release process to ensure proper memory management.
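The error-path ordering described above, as an added user-space model (not the kernel's code and not part of the original advisory). Assumptions: `inode_cache`, `cache_destroy`, `leaked_after`, `init_leaky`, `init_fixed` and the `later_ok` step are hypothetical stand-ins, and the leaky label layout is one plausible shape of the bug, not taken from the kernel source.

```c
#include <stdbool.h>
#include <stdlib.h>
/* User-space model; every name is a stand-in, not a kernel symbol. */
static void *inode_cache;   /* plays the role of mqueue_inode_cachep */

static void cache_destroy(void)
{
    free(inode_cache);
    inode_cache = NULL;
}

/* True when a failed init left the cache allocated. */
static bool leaked_after(int rc)
{
    return rc != 0 && inode_cache != NULL;
}

/* Assumed leaky ordering: a sysctl failure lands below the cache release. */
static int init_leaky(bool sysctl_ok, bool later_ok)
{
    inode_cache = malloc(64);
    if (!inode_cache)
        return -1;
    if (!sysctl_ok)
        goto out_sysctl;
    if (!later_ok)
        goto out_later;
    return 0;
out_later:
    cache_destroy();
out_sysctl:
    return -1;
}

/* Reverse-order unwind: every failure after creation reaches the release. */
static int init_fixed(bool sysctl_ok, bool later_ok)
{
    inode_cache = malloc(64);
    if (!inode_cache)
        return -1;
    if (!sysctl_ok)
        goto out_kmem;
    if (!later_ok)
        goto out_sysctl;
    return 0;
out_sysctl:
out_kmem:
    cache_destroy();
    return -1;
}
```

In the leaky variant only the sysctl-failure path skips the release, which is why a later-step failure does not show the leak.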

Impact

Exploitation of this vulnerability leads to a memory leak, where allocated memory is not released, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by triggering a failure in the 'setup_mq_sysctls()' function while initializing the message queue filesystem. This can be done by manipulating the conditions under which 'setup_mq_sysctls()' operates, causing it to fail and not release the 'mqueue_inode_cachep', thereby creating a memory leak.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for upgrading the Linux kernel can be found in the official Linux documentation.

Added: Sep 15, 2025, 7:49 PM
Updated: Sep 15, 2025, 7:49 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 5.7
remediation: 7.7
relevance: 0.5
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.