Linux Kernel Bluetooth Memory Leak Vulnerability in hci_update_adv_data

Vulnerability

A memory leak vulnerability has been addressed in the Linux kernel's Bluetooth subsystem. The issue arose in the hci_update_adv_data() function: the inst_ptr variable was not freed if the hci_cmd_sync_queue() call failed, so the allocation leaked on that error path. The vulnerability has been resolved by modifying the code to use ERR_PTR/PTR_ERR for passing the instance to the callback, eliminating the need for additional memory allocation.
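
The leak and the fix pattern described above, as an added user-space C model (not the kernel's code and not taken from the patch). model_sync_queue(), the callbacks, the update_adv_* functions and the live_allocs counter are hypothetical stand-ins, and ERR_PTR/PTR_ERR are re-implemented here as plain casts.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>

/* User-space stand-ins for the kernel's ERR_PTR()/PTR_ERR() helpers. */
static void *ERR_PTR(long v) { return (void *)v; }
static long PTR_ERR(const void *p) { return (long)p; }

static int live_allocs;       /* heap objects not yet freed (leak counter) */
static int queue_fails;       /* constructed fault-injection switch */
static uint8_t seen_instance; /* instance value the callback received */

/* Hypothetical model of the queue call: on failure the callback never runs. */
static int model_sync_queue(int (*fn)(void *), void *data)
{
    return queue_fails ? -ENOMEM : fn(data);
}

/* Leaking pattern: only the callback frees the heap copy of the instance. */
static int cb_heap(void *data)
{
    seen_instance = *(uint8_t *)data;
    free(data);
    live_allocs--;
    return 0;
}

int update_adv_leaky(uint8_t instance)
{
    uint8_t *inst_ptr = malloc(sizeof(*inst_ptr));

    if (!inst_ptr)
        return -ENOMEM;
    live_allocs++;
    *inst_ptr = instance;
    return model_sync_queue(cb_heap, inst_ptr); /* failure path leaks inst_ptr */
}

/* Fixed pattern: the instance travels inside the pointer value itself. */
static int cb_inline(void *data)
{
    seen_instance = (uint8_t)PTR_ERR(data);
    return 0;
}

int update_adv_fixed(uint8_t instance)
{
    return model_sync_queue(cb_inline, ERR_PTR(instance)); /* nothing to free */
}
```

With queue_fails set, each call to update_adv_leaky() leaves one more object counted in live_allocs, while update_adv_fixed() has nothing to release on either path.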

Impact

Exploitation of this vulnerability could lead to a memory leak, causing increased memory usage and potentially leading to memory exhaustion over time.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM