Linux Kernel DWC3 USB Driver Memory Leak Vulnerability

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's DWC3 USB driver. The issue arises in the 'dwc3_probe' function, where the 'dwc3_get_properties' call retrieves a power supply reference. If subsequent operations fail, the allocated reference is not properly released, leading to a memory leak. This vulnerability affects the Linux kernel stable tree.

Impact

The vulnerability can lead to memory leaks, causing increased memory usage over time and potentially leading to memory exhaustion.

Reproduction

The vulnerability can be reproduced by running a Linux kernel whose DWC3 USB driver includes the faulty 'dwc3_probe' implementation. When the probe function is executed, the driver fails to release power supply references on its error paths, causing memory leaks.

Remediation

Users can upgrade to a patched version of the Linux kernel where this vulnerability has been addressed. The specific commit that fixes this issue is available in the Linux kernel stable tree.
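The bug class described above, shown as an added user-space model rather than the kernel's own code or the actual fix commit: a probe routine takes a counted reference, a later step fails, and the error path either returns directly (leak) or unwinds through a cleanup label. All names here (psy_ref, psy_get, psy_put, later_step, probe_leaky, probe_fixed) are hypothetical stand-ins.

```c
#include <errno.h>
#include <stdio.h>

/* Constructed user-space stand-in for a refcounted kernel object. */
struct psy_ref { int refcount; };
static struct psy_ref g_psy;

static struct psy_ref *psy_get(void) { g_psy.refcount++; return &g_psy; }
static void psy_put(struct psy_ref *p) { if (p) p->refcount--; }

/* Hypothetical later probe step that can fail after the reference is taken. */
static int later_step(int fail) { return fail ? -ENODEV : 0; }

/* Leaky shape: the error path returns without dropping the reference. */
int probe_leaky(int fail, struct psy_ref **out)
{
    struct psy_ref *psy = psy_get();
    int ret = later_step(fail);
    if (ret)
        return ret;          /* reference is still held here */
    *out = psy;
    return 0;
}

/* Fixed shape: every failure after psy_get() unwinds through err_put. */
int probe_fixed(int fail, struct psy_ref **out)
{
    struct psy_ref *psy = psy_get();
    int ret = later_step(fail);
    if (ret)
        goto err_put;
    *out = psy;              /* success: the caller now owns the reference */
    return 0;
err_put:
    psy_put(psy);
    return ret;
}

/* References left behind by n failed probes (fixed selects the variant). */
int leaked_after(int n, int fixed)
{
    struct psy_ref *out = NULL;
    int before = g_psy.refcount;
    for (int i = 0; i < n; i++)
        (void)(fixed ? probe_fixed(1, &out) : probe_leaky(1, &out));
    return g_psy.refcount - before;
}

int main(void) { printf("leaky=%d fixed=%d\n", leaked_after(5, 0), leaked_after(5, 1)); return 0; }
```

Each failed probe in the leaky variant leaves one reference behind, which is why repeated probe failures grow memory usage over time.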

Added: Sep 17, 2025, 4:50 PM
Updated: Sep 17, 2025, 4:50 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 4.3
remediation: 7.7
relevance: 0.5
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.