Linux Kernel MTD Resource Leak Vulnerability

A resource leak vulnerability has been identified in the Linux kernel's Memory Technology Device (MTD) subsystem. This issue arises during the initialization of the MTD module, where a duplicate filename in the sysfs creates a conflict. The error occurs because the Block Device Interface (BDI) object for MTD is not properly unregistered if the initialization process encounters a failure, preventing the MTD module from being reloaded. This vulnerability affects several versions of the Linux kernel.

Impact

Failure to properly manage BDI objects can lead to resource leaks, causing issues when attempting to reload the MTD module after a failure in the initialization process.

Reproduction

The vulnerability can be reproduced by loading the MTD module in a way that causes the initialization function to fail, such as by injecting a fault. This will trigger the error handling path, where the BDI object is not unregistered, leading to a resource leak.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.