Linux Kernel Page Pool Memory Leak Vulnerability in FEC Ethernet Driver

A memory management vulnerability has been identified in the Linux kernel's FEC Ethernet driver. The issue arises from the improper handling of receive (RX) buffers in the page pool. The driver used 'page_pool_release_page' to free RX buffers, which only unmaps the page without recycling it. This oversight can lead to memory exhaustion after repeated cycles of bringing the 'eth0' interface up and down. The vulnerability affects several versions of the Linux kernel.

Impact

The vulnerability can cause a denial-of-service condition by exhausting system memory, leading to out-of-memory errors.

Reproduction

The vulnerability can be reproduced by creating a script that repeatedly takes the 'eth0' network interface down and then brings it back up, effectively cycling the interface 20,000 times. This process can be automated with a loop in the script that includes a delay to allow the interface state to change before the next cycle begins. Monitoring the 'eth0' operational state after the test can confirm whether the interface has been successfully cycled.

Remediation

The vulnerability has been addressed in the official Linux kernel repository. Users should upgrade to the latest version where this issue has been fixed.