Linux Kernel WiFi Libertas Driver Memory Leak Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's WiFi Libertas driver. This issue arises in the 'lbs_init_adapter' function, where the 'kfifo_alloc' function's failure to allocate memory for the command buffer is not properly handled. As a result, the allocated command buffer is not released, leading to a memory leak. The vulnerability affects several versions of the Linux kernel.

Impact

The vulnerability can lead to a memory leak, where allocated memory is not properly released, potentially causing increased memory usage and exhaustion over time.

Reproduction

The vulnerability can be reproduced by triggering a failure in the 'kfifo_alloc' function within the 'lbs_init_adapter' function of the WiFi Libertas driver. This can be done by simulating low memory conditions that prevent 'kfifo_alloc' from successfully allocating memory for the command buffer. When 'kfifo_alloc' fails, the function currently does not release any previously allocated memory for the command buffer, creating a memory leak.

Remediation

Users can upgrade to the latest version of the Linux kernel, where this vulnerability has been addressed. Instructions for upgrading the Linux kernel can be found in the official Linux documentation or through the package management system of the respective Linux distribution.