Linux Kernel Wilc1000 Driver Memory Leak Vulnerability

A memory leak vulnerability has been identified in the Linux kernel Wilc1000 wireless driver. The issue arises in the 'wilc_mac_xmit()' function, which returns 'NETDEV_TX_OK' without properly freeing the 'skb' (socket buffer). This oversight can lead to a gradual increase in memory usage, potentially causing performance degradation or exhaustion of available memory resources. The vulnerability affects the Linux kernel stable tree.

Impact

The vulnerability can lead to a memory leak, where allocated memory is not properly released. Over time, this can cause increased memory usage and potentially exhaust system resources, leading to performance issues or system instability.

Reproduction

The vulnerability can be reproduced by sending packets to a network device managed by the Wilc1000 driver. The 'wilc_mac_xmit()' function will process the packets but fail to free the associated socket buffers, creating a memory leak. This issue has been compile-tested only.

Remediation

The vulnerability has been addressed by modifying the 'wilc_mac_xmit()' function to include a call to 'dev_kfree_skb()' to properly free the socket buffers before returning 'NETDEV_TX_OK'. Users should update to the patched version of the Linux kernel.