Linux Kernel RTL8723BS Staging Memory Leak Vulnerability in Command Initialization

Vulnerability

A memory leak vulnerability has been addressed in the Linux kernel's RTL8723BS staging driver. The issue arises in the 'rtw_init_cmd_priv' function, where the 'cmd_allocated_buf' is not properly released if the 'rsp_allocated_buf' allocation fails. This oversight can lead to resource leaks. The vulnerability affects the Linux kernel stable tree.

Impact

The vulnerability could lead to a memory leak, causing increased memory usage over time and potentially leading to exhaustion of available memory resources.

Reproduction

The vulnerability can be reproduced by invoking the 'rtw_init_cmd_priv' function on the RTL8723BS staging driver's 'cmd_priv' structure. If the 'rsp_allocated_buf' allocation fails, the function returns without releasing the previously allocated 'cmd_allocated_buf', leading to a memory leak.

Remediation

The vulnerability has been fixed in the official Linux kernel repository. Users can apply the patch available in the Linux Git repository under the stable branch.
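
The leak and its correction can be modelled in user space. The following C program is an added example, not the kernel's code or the upstream patch: the field names come from the advisory, while the buffer sizes, the fault-injecting allocator and the helper names (model_zalloc, model_free, init_cmd_priv_leaky, init_cmd_priv_fixed, outstanding_after_init) are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
enum { CMD_SZ = 512, RSP_SZ = 512 };   /* constructed sizes, not the driver's */
struct cmd_priv { unsigned char *cmd_allocated_buf, *rsp_allocated_buf; }; /* fields named in the advisory */
static int live_allocs, call_count, fail_on_call;  /* fail_on_call is 1-based, 0 = never fail */

static void *model_zalloc(size_t n)                /* fault-injecting allocator (hypothetical) */
{
    void *p = (++call_count == fail_on_call) ? NULL : calloc(1, n);
    live_allocs += (p != NULL);
    return p;
}
static void model_free(void *p) { if (p) { live_allocs--; free(p); } }
/* Pattern the advisory describes: the second failure returns without cleanup. */
static int init_cmd_priv_leaky(struct cmd_priv *p)
{
    if (!(p->cmd_allocated_buf = model_zalloc(CMD_SZ))) return -1;
    if (!(p->rsp_allocated_buf = model_zalloc(RSP_SZ))) return -1; /* cmd_allocated_buf leaks */
    return 0;
}
/* Corrected pattern: release the first buffer before reporting failure. */
static int init_cmd_priv_fixed(struct cmd_priv *p)
{
    if (!(p->cmd_allocated_buf = model_zalloc(CMD_SZ))) return -1;
    if (!(p->rsp_allocated_buf = model_zalloc(RSP_SZ))) {
        model_free(p->cmd_allocated_buf);
        p->cmd_allocated_buf = NULL;
        return -1;
    }
    return 0;
}
/* Number of buffers still allocated once init (and, on success, teardown) has run. */
static int outstanding_after_init(int (*init)(struct cmd_priv *), int fail_at)
{
    struct cmd_priv p = {0};
    live_allocs = call_count = 0;
    fail_on_call = fail_at;
    if (init(&p) == 0) {                         /* success: normal teardown */
        model_free(p.cmd_allocated_buf);
        model_free(p.rsp_allocated_buf);
    }
    int outstanding = live_allocs;               /* after a failed init the caller frees nothing */
    if (outstanding) free(p.cmd_allocated_buf);  /* harness-only cleanup of the model */
    return outstanding;
}

int main(void)
{
    printf("leaky init, 2nd allocation fails: %d outstanding\n", outstanding_after_init(init_cmd_priv_leaky, 2));
    printf("fixed init, 2nd allocation fails: %d outstanding\n", outstanding_after_init(init_cmd_priv_fixed, 2));
    return 0;
}
```

Setting fail_at to 2 forces the second allocation to fail, which is the only path on which the two variants differ.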

Added: Oct 7, 2025, 6:48 PM
Updated: Oct 7, 2025, 6:48 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 5.7
remediation: 7.7
relevance: 0.7
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.