Linux Kernel Memory Leak Vulnerability in DVB Frontend Component

A memory leak vulnerability has been identified in the Linux kernel's DVB frontend media component, specifically within the BCM3510 driver. This issue arises when firmware is downloaded to the device, as the allocated memory for the firmware is not properly released after the operation. The vulnerability affects the Linux kernel stable tree.

Impact

Exploitation of this vulnerability leads to a memory leak, where allocated memory is not released, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by using a DVB frontend that employs the BCM3510 driver to download firmware. During this process, the firmware is loaded into memory, but the driver's firmware handling code fails to release the memory once the download is complete. This oversight creates a gradual increase in memory consumption, which can be observed over time.

Remediation

Users can upgrade to the latest version of the Linux kernel stable tree, where this vulnerability has been addressed. Instructions for downloading the patched version are available on the Linux kernel official website.