Linux Kernel OCFS2 Memory Leak Vulnerability in Stack Glue Initialization

A memory leak vulnerability has been identified in the Linux kernel's OCFS2 file system, specifically within the 'ocfs2_stack_glue_init' function. This issue arises because the 'ocfs2_table_header' is not properly freed if the 'ocfs2_sysfs_init' function fails. As a result, the kernel's memory leak detector, kmemleak, reports an unreferenced object, indicating a memory leak. The vulnerability is present in the Linux kernel stable tree.

Impact

Exploitation of this vulnerability leads to a memory leak, where allocated memory is not properly released, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by loading a kernel module that initializes the OCFS2 stack glue. If the 'ocfs2_sysfs_init' function fails, the 'ocfs2_table_header' is not freed, causing a memory leak. This can be observed using the 'modprobe' command to load the module, followed by checking the kmemleak reports for unreferenced objects.

Remediation

The vulnerability has been fixed in the Linux kernel. Users should upgrade to the latest version of the stable kernel where this issue has been addressed.