Linux Kernel DWC3 QCOM USB Driver Memory Leak Vulnerability

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's USB DWC3 Qualcomm driver. The issue arises in the 'dwc3_qcom_probe' function, where memory is allocated for a resource structure referenced by the 'parent_res' pointer. This allocated memory is not properly freed, leading to a memory leak. The vulnerability affects several versions of the Linux kernel.

Impact

Exploitation of this vulnerability can lead to a memory leak, where allocated memory is not released, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by loading the DWC3 QCOM USB driver in a version of the Linux kernel that is affected by this issue. The 'dwc3_qcom_probe' function will allocate memory for the resource structure without freeing it, leading to a memory leak.
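One way to confirm the leak on a test kernel is kmemleak (built with CONFIG_DEBUG_KMEMLEAK, triggered with `echo scan > /sys/kernel/debug/kmemleak`, read from the same file). The following is an added example, not code from this advisory or from the kernel project: it parses a kmemleak report and returns the unreferenced objects whose backtrace passes through 'dwc3_qcom_probe'. The sample report, its addresses and the names `find_leaks` and `SAMPLE_REPORT` are constructed for illustration.

```python
import re

# Constructed sample in the layout of /sys/kernel/debug/kmemleak.
# Addresses, sizes, offsets and frames are made up. The two records use the
# older "[<addr>] sym" and newer bare "sym" frame styles to exercise both;
# a single real kernel emits only one of them.
SAMPLE_REPORT = """\
unreferenced object 0xffff000012345600 (size 64):
  comm "kworker/u16:2", pid 71, jiffies 4294893021 (age 41.230s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000aaaaaaaa>] __kmalloc+0x1c4/0x2e0
    [<00000000bbbbbbbb>] dwc3_qcom_probe+0x1a8/0x8f0
    [<00000000cccccccc>] platform_probe+0x68/0xe0
unreferenced object 0xffff000012349a00 (size 128):
  comm "systemd-udevd", pid 212, jiffies 4294894400 (age 35.710s)
  backtrace (crc 5f3a9c1e):
    __kmalloc+0x1c4/0x2e0
    some_other_probe+0x54/0x200
"""

HEADER = re.compile(r"^unreferenced object (0x[0-9a-f]+) \(size (\d+)\):")
# Capture the symbol name from "sym+0xoff/0xlen", with or without "[<addr>]".
FRAME = re.compile(
    r"^\s+(?:\[<[0-9a-f]+>\]\s+)?([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")

def find_leaks(report, symbol="dwc3_qcom_probe"):
    """Return [(address, size, frames)] for leaked objects allocated under `symbol`."""
    records, current = [], None
    for line in report.splitlines():
        header = HEADER.match(line)
        if header:
            current = {"addr": header.group(1),
                       "size": int(header.group(2)), "frames": []}
            records.append(current)
            continue
        frame = FRAME.match(line)
        if frame and current is not None:
            current["frames"].append(frame.group(1))
    return [(r["addr"], r["size"], r["frames"])
            for r in records if symbol in r["frames"]]

if __name__ == "__main__":
    for addr, size, frames in find_leaks(SAMPLE_REPORT):
        print(f"{addr}: {size} bytes, backtrace: {' <- '.join(frames)}")
```

On a patched kernel the same scan should return no records for 'dwc3_qcom_probe', which makes the function usable as a before/after check when validating an upgrade.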

Remediation

Users can upgrade to the latest version of the Linux kernel, where this vulnerability has been addressed. Instructions for upgrading the Linux kernel can be found in the official Linux documentation.

Added: Sep 15, 2025, 2:30 PM
Updated: Sep 15, 2025, 8:34 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 4.3
remediation: 7.7
relevance: 0.5
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.