Linux Kernel RISC-V Kexec Memory Leak Vulnerability

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's RISC-V architecture code, specifically within the kexec file loading process. When a kernel is loaded or unloaded using kexec, a buffer allocated to store the flattened device tree (FDT) blob is not properly freed, leading to a memory leak. This issue was detected by kmemleak, the kernel's memory leak detector, which reported an unreferenced object associated with the kexec command. The vulnerability affects several versions of the Linux kernel.

Impact

Exploitation of this vulnerability leads to a memory leak, where allocated memory is not returned to the system, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by loading a kernel using the kexec_file_load system call, which is available in the RISC-V architecture. During this process, a buffer is allocated for the device tree but is not freed when the kernel is reloaded or unloaded, causing a memory leak. This can be verified by observing the kmemleak reports, which will indicate the presence of the unreferenced object that was not properly freed.
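
The kmemleak check described above can be scripted. The following is an added example, not code from the kernel or from this advisory: it parses two saved kmemleak reports (text read from /sys/kernel/debug/kmemleak, the standard debugfs path) and lists unreferenced objects attributed to the kexec command that appear only in the later scan. The sample reports, including addresses, sizes, pids and symbol names, are constructed placeholders.

```python
import re

# Line shapes printed by /sys/kernel/debug/kmemleak (CONFIG_DEBUG_KMEMLEAK).
OBJ_RE = re.compile(r"^unreferenced object (0x[0-9a-f]+) \(size (\d+)\):")
COMM_RE = re.compile(r'^\s+comm "([^"]*)", pid (\d+)')
FRAME_RE = re.compile(r"^\s+(?:\[<[0-9a-f]+>\]\s+)?([\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+")

def parse_kmemleak(text):
    """Return one dict per unreferenced object in a kmemleak report."""
    objects, cur = [], None
    for line in text.splitlines():
        if m := OBJ_RE.match(line):
            cur = {"addr": m[1], "size": int(m[2]), "comm": None, "pid": None, "frames": []}
            objects.append(cur)
        elif cur is None:
            continue  # ignore anything before the first object header
        elif m := COMM_RE.match(line):
            cur["comm"], cur["pid"] = m[1], int(m[2])
        elif m := FRAME_RE.match(line):
            cur["frames"].append(m[1])
    return objects

def new_leaks(before, after, comm="kexec"):
    """Objects attributed to `comm` that appear only in the later scan."""
    seen = {o["addr"] for o in parse_kmemleak(before)}
    return [o for o in parse_kmemleak(after)
            if o["comm"] == comm and o["addr"] not in seen]

# Constructed sample reports; addresses, sizes, pids and symbols are placeholders.
SCAN_BEFORE = """\
unreferenced object 0xff60000081000000 (size 64):
  comm "systemd", pid 1, jiffies 4294893000
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace (crc 1a2b3c4d):
    placeholder_alloc+0x1c/0x28
"""
SCAN_AFTER = SCAN_BEFORE + """\
unreferenced object 0xff60000082000000 (size 65536):
  comm "kexec", pid 321, jiffies 4294901000
  hex dump (first 32 bytes):
    d0 0d fe ed 00 00 10 00 00 00 00 38 00 00 0c 00  ...........8....
  backtrace (crc 5e6f7a8b):
    [<ffffffff80001000>] placeholder_alloc+0x1c/0x28
    [<ffffffff80002000>] placeholder_kexec_file_load+0x5a/0x1f0
"""

if __name__ == "__main__":
    for leak in new_leaks(SCAN_BEFORE, SCAN_AFTER):
        print(leak["addr"], leak["size"], leak["frames"])
```

On a patched kernel, repeating the load/unload cycle between scans should produce no new entries attributed to kexec.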

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability. The patch can be downloaded from the Linux kernel Git repository.

Added: Dec 9, 2025, 2:35 AM
Updated: Dec 9, 2025, 2:35 AM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 4.3
remediation: 7.7
relevance: 1.3
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.