Linux Kernel Hisilicon Network Subsystem Memory Leak Vulnerability in hnae_ae_register Function

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's handling of the Hisilicon Network Subsystem. The issue is in the hnae_ae_register function, where the device_register call can fail. When it does, the reference count of the associated kobject is not decremented, so the name allocated by dev_set_name is never freed and remains as unreferenced memory. The vulnerability affects several versions of the Linux kernel.
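The error path described above, modeled in userspace as an added example (not kernel code and not the upstream patch). The mock_* functions and register_fails are hypothetical stand-ins for dev_set_name, device_register and put_device, and the example assumes the corrected path drops the reference with put_device when registration fails.

```c
#include <stdio.h>
#include <stdlib.h>

/* Userspace model of struct device: only the refcount and the kobject name. */
struct mock_device { int refcount; char *name; };
static int live_names; /* name allocations not yet freed */

/* Models dev_set_name(): allocates the name owned by the kobject. */
static int mock_dev_set_name(struct mock_device *dev, int id)
{
    dev->name = malloc(16);
    if (!dev->name)
        return -1;
    snprintf(dev->name, 16, "hnae%d", id);
    live_names++;
    return 0;
}

/* Models put_device(): the name is freed only when the last reference drops. */
static void mock_put_device(struct mock_device *dev)
{
    if (--dev->refcount == 0) {
        free(dev->name);
        dev->name = NULL;
        live_names--;
    }
}

/* Models device_register(): takes the initial reference, then fails on request. */
static int mock_device_register(struct mock_device *dev, int fail)
{
    dev->refcount = 1;
    return fail ? -1 : 0;
}

/* Forced registration failure; returns names still allocated afterwards. */
static int register_fails(int drop_ref_on_error)
{
    struct mock_device dev = { 0, NULL };
    live_names = 0;
    if (mock_dev_set_name(&dev, 0))
        return -1;
    if (mock_device_register(&dev, 1) && drop_ref_on_error)
        mock_put_device(&dev); /* corrected error path drops the reference */
    int leaked = live_names;
    free(dev.name); /* model cleanup only; already NULL after a put */
    return leaked;
}

int main(void)
{
    printf("leaked without put: %d, with put: %d\n", register_fails(0), register_fails(1));
    return 0;
}
```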

Impact

The vulnerability can lead to a memory leak, where allocated memory is not properly released, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by probing a module that registers a device with the Hisilicon Network Subsystem. If the device_register call fails, the hnae_ae_register function does not properly release the allocated name, leading to a memory leak. This can be observed by monitoring the system's memory usage for unfreed allocations related to the hnae0 device.

Remediation

The vulnerability has been addressed in the Linux kernel. Users should upgrade to a version that includes the fix.

Added: Sep 16, 2025, 6:16 PM
Updated: Sep 16, 2025, 6:16 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 4.3
remediation: 7.7
relevance: 0.5
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.