Linux Kernel AppArmor Memory Leak Vulnerability in Multi-Transaction Handling

A memory leak vulnerability has been identified in the Linux kernel's AppArmor subsystem, specifically within the function 'multi_transaction_new()'. The issue arises because the variable 't' is not properly freed or returned when 'copy_from_user()' fails, leading to a memory leak. This vulnerability affects the Linux kernel stable group.

Impact

Exploitation of this vulnerability can lead to a memory leak, where allocated memory is not properly released, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by invoking the 'multi_transaction_new()' function in the AppArmor subsystem with a buffer size that causes 'copy_from_user()' to fail. This failure will result in the 't' variable not being freed, creating a memory leak.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability. Instructions for downloading the patched version can be found in the Linux kernel Git repository.