Linux Kernel Staging VT6655 Driver Memory Management Vulnerability

Vulnerability

A memory management vulnerability has been identified in the Linux kernel's staging VT6655 driver. The issue arises in several initialization functions where memory is allocated using an index variable 'i' that increments from 0. Although a recent commit introduced cleanup code to address allocation failures by freeing memory in reverse order, this fix is incomplete. Specifically, the case where 'i' equals 0 is omitted, leading to a memory leak. Additionally, if memory allocation fails initially, the cleanup process attempts to access invalid memory locations. This vulnerability affects the Linux kernel stable tree.
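The cleanup flaw described above, modelled in user space as an added example; it is not the driver's code or the kernel patch. The names `ring_init`, `unwind` and `put` and the ring size are hypothetical, and the incomplete cleanup is assumed to be a pre-decrement loop, `while (--i)`, which reproduces both symptoms the text describes.

```c
#include <stdio.h>
#include <stdlib.h>
#define RING_SIZE 4
struct outcome { int leaked; int bad_index; };
static int live;                       /* allocations not yet freed */
static void put(void **p) { if (*p) { free(*p); *p = NULL; live--; } }

/* Unwind after the allocation for slot i failed (slots 0..i-1 are populated). */
static void unwind(void **slot, int i, int fixed, struct outcome *o)
{
    if (fixed) {
        while (i--)                    /* visits i-1 ... 0 and nothing else */
            put(&slot[i]);
        return;
    }
    while (--i) {                      /* assumed buggy form: exits before slot 0 */
        if (i < 0) { o->bad_index = 1; return; } /* model stops; real loop touches slot[-1] */
        put(&slot[i]);
    }
}

/* Fill the ring; the allocation for slot fail_at is forced to fail. */
static struct outcome ring_init(int fail_at, int fixed)
{
    void *slot[RING_SIZE] = { 0 };
    struct outcome o = { 0, 0 };
    int i;
    live = 0;
    for (i = 0; i < RING_SIZE; i++) {
        slot[i] = (i == fail_at) ? NULL : malloc(32);
        if (!slot[i]) break;
        live++;
    }
    if (i < RING_SIZE) {
        unwind(slot, i, fixed, &o);
        o.leaked = live;               /* what the error path left allocated */
    }
    for (i = 0; i < RING_SIZE; i++)
        put(&slot[i]);                 /* keep the demo itself leak-free */
    return o;
}

int main(void)
{
    for (int f = 0; f < RING_SIZE; f++)
        printf("fail at slot %d: leaked=%d bad_index=%d fixed_leaked=%d\n", f,
               ring_init(f, 0).leaked, ring_init(f, 0).bad_index, ring_init(f, 1).leaked);
    return 0;
}
```

A failure at any slot other than 0 leaves exactly one allocation (slot 0) behind in the buggy form, while a failure at slot 0 makes the first index used negative; the post-decrement form leaves nothing behind in either case.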

Impact

The vulnerability can lead to memory leaks and access violations, potentially causing instability in the system or application.

Reproduction

The vulnerability can be reproduced by initializing the VT6655 driver in a way that triggers the faulty memory allocation and cleanup logic. This can be done by forcing a memory allocation failure after some bytes have already been allocated, which will cause the cleanup process to start with an invalid index, leading to the access of erroneous memory locations.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.

Added: Sep 17, 2025, 4:53 PM
Updated: Sep 17, 2025, 4:53 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.7
remediation: 7.7
relevance: 0.5
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.