Linux Kernel NTFS3 File System Memory Leak Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's NTFS3 file system implementation. This issue arises in the 'ntfs_fill_super()' function, where mount options are not properly released during error handling. The vulnerability has been observed in the Linux kernel stable tree.

Impact

Exploitation of this vulnerability leads to a memory leak, where allocated memory is not properly freed, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by mounting an NTFS3 file system in a way that triggers an error during the 'ntfs_fill_super()' process. This can be done by using specific mount options that the file system does not handle correctly, or by simulating a failure in the file system initialization process. The memory leak can then be observed using the 'kmemleak' tool, which reports unreferenced objects that have not been freed.

Remediation

The vulnerability has been addressed in the Linux kernel. Users can upgrade to the latest version of the stable Linux kernel to apply the fix.