Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A memory leak vulnerability has been identified in the Linux kernel's CIFS (Common Internet File System) implementation. This issue arises during the NTLMSSP (NT LAN Manager Security Support Provider) negotiation process when building the negotiation blob fails. The vulnerability leads to an unreferenced object not being properly released, causing a memory leak. The problem occurs in the CIFS mount operation, specifically within the SMB2 session authentication process.
Exploitation of this vulnerability causes a memory leak, where allocated memory is not properly released, potentially leading to increased memory usage and degradation of system performance over time.
To reproduce this vulnerability, mount a CIFS file system using a configuration that triggers a failure in the NTLMSSP negotiation blob creation. This can be done by specifying incorrect authentication details or by using a server that does not properly support the NTLMSSP negotiation. Once the mount operation is attempted, the memory leak can be observed by monitoring the system's memory usage.
Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. The specific commit that fixes this issue is available in the Linux kernel stable tree.
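The leak pattern described above, as an added userspace C model that is not the kernel's code or the fix commit: a negotiation step allocates buffers, the blob-building step fails, and the early return skips cleanup. Every function and struct name is hypothetical, and because the page does not say which object is leaked, the two buffers are placeholders.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* Userspace model; every name is hypothetical, none is a kernel symbol. */
static int live_allocs;                     /* allocations not yet freed */
static void *model_alloc(size_t n) { void *p = calloc(1, n); if (p) live_allocs++; return p; }
static void model_free(void *p) { if (p) { live_allocs--; free(p); } }

struct sess_data { void *req_buf; void *auth_state; };  /* placeholder buffers */

/* Stand-in for building the negotiation blob; fails when force_fail is set. */
static int build_negotiate_blob(unsigned char **blob, int force_fail) {
    if (force_fail) return -EINVAL;
    *blob = model_alloc(32);
    return *blob ? 0 : -ENOMEM;
}

/* Before: the blob-failure branch returns directly and skips cleanup. */
static int negotiate_leaky(int force_fail) {
    struct sess_data sd = { model_alloc(128), model_alloc(64) };
    unsigned char *blob = NULL;
    int rc = build_negotiate_blob(&blob, force_fail);
    if (rc) return rc;                      /* both sd buffers are lost here */
    model_free(blob);
    model_free(sd.auth_state);
    model_free(sd.req_buf);
    return 0;
}

/* After: success and failure both leave through one cleanup label. */
static int negotiate_fixed(int force_fail) {
    struct sess_data sd = { model_alloc(128), model_alloc(64) };
    unsigned char *blob = NULL;
    int rc = build_negotiate_blob(&blob, force_fail);
    if (rc) goto out;
    /* the request would be sent and the response parsed here */
out:
    model_free(blob);                       /* NULL-safe when the build failed */
    model_free(sd.auth_state);
    model_free(sd.req_buf);
    return rc;
}

/* Number of allocations a single call leaves behind. */
static int leaked_by(int (*fn)(int), int force_fail) {
    int before = live_allocs; fn(force_fail); return live_allocs - before;
}

int main(void) {
    printf("leaky: %d, fixed: %d\n", leaked_by(negotiate_leaky, 1), leaked_by(negotiate_fixed, 1));
    return 0;
}
```

Each failed call to the leaky variant strands its buffers, which is why repeated failed mount attempts show up as steadily growing memory use.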