Linux Kernel Wi-Fi PLFXLC Driver Memory Leak Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's PLFXLC Wi-Fi driver, specifically in the function '__lf_x_usb_enable_rx()'. The issue arises because USB request blocks (urbs) are not properly freed in exception paths, leading to a potential memory leak. This vulnerability affects the stable versions of the Linux kernel that include the PLFXLC driver for PureLiFi X, XL, and XC devices.

Impact

Exploitation of this vulnerability can lead to a memory leak, where allocated memory is not properly released, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by using the PureLiFi PLFXLC Wi-Fi driver in the Linux kernel. When the driver encounters an error in the '__lf_x_usb_enable_rx()' function, the USB request blocks (urbs) are not freed, causing a memory leak. This behavior can be observed by monitoring memory usage while the driver is active.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been patched. The patch is available in the Linux kernel stable tree.