Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A memory leak vulnerability has been identified in the USB UHCI (Universal Host Controller Interface) driver of the Linux kernel. The issue arises when the function 'debugfs_lookup()' is called without a subsequent 'dput()' to release the reference, so memory usage grows gradually over time. The vulnerability is present in the Linux kernel stable tree. The root cause is improper handling of debugfs lookups: the reference taken by the lookup is never released, which causes the leak.
The vulnerability leads to a memory leak, where allocated memory is not properly released, causing increased memory usage over time and potentially leading to exhaustion of system resources.
The vulnerability can be reproduced by using the USB UHCI driver and performing operations that involve 'debugfs_lookup()' without the corresponding 'dput()' call to release the reference. This can be done by modifying the driver code to omit the 'dput()' call after using 'debugfs_lookup()', which will result in a memory leak.
The vulnerability has been addressed by modifying the USB UHCI driver to use 'debugfs_lookup_and_remove()' instead of 'debugfs_lookup()'. This change ensures that the memory is properly managed and prevents the leak. Users can apply the latest patches available in the Linux kernel stable tree to remediate this vulnerability.
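The reference-counting behaviour described above, as an added example that is not taken from the kernel source or from this advisory: a simplified userspace model in which every `model_*` name, the single-slot directory and the bus names are hypothetical. It shows why a lookup reference that is never dropped keeps the entry allocated, and why a combined lookup-and-remove does not.

```c
/* Userspace model (constructed, not kernel code); model_* names are hypothetical. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct model_dentry { char name[32]; int refs; };
static struct model_dentry *slot;   /* one-entry stand-in for the debugfs dir */
static int live;                    /* entries allocated and not yet freed */

/* Models dput(): drop one reference, free the entry on the last one. */
static void model_dput(struct model_dentry *d) {
    if (d && --d->refs == 0) { free(d); live--; }
}
static void model_create(const char *name) {
    struct model_dentry *d = calloc(1, sizeof(*d));
    if (!d) abort();
    snprintf(d->name, sizeof(d->name), "%s", name);
    d->refs = 1;                    /* reference held by the directory */
    slot = d; live++;
}
/* Models debugfs_lookup(): returns the entry with an extra reference taken. */
static struct model_dentry *model_lookup(const char *name) {
    if (!slot || strcmp(slot->name, name) != 0) return NULL;
    slot->refs++;
    return slot;
}
/* Models removal: unlink and drop only the directory's reference. */
static void model_remove(struct model_dentry *d) {
    if (!d || slot != d) return;
    slot = NULL;
    model_dput(d);
}
/* Models debugfs_lookup_and_remove(): remove, then drop the lookup reference. */
static void model_lookup_and_remove(const char *name) {
    struct model_dentry *d = model_lookup(name);
    model_remove(d);
    model_dput(d);
}
/* Runs one create/teardown cycle; returns how many entries stay allocated. */
static int teardown(const char *name, int fixed) {
    int before = live;
    model_create(name);
    if (fixed) model_lookup_and_remove(name);
    else model_remove(model_lookup(name)); /* lookup reference never released */
    return live - before;
}
int main(void) {
    printf("without dput:      %d entry leaked\n", teardown("bus-a", 0));
    printf("lookup_and_remove: %d entries leaked\n", teardown("bus-b", 1));
    return 0;
}
```

In the model each unfixed teardown strands one entry, so repeated cycles accumulate allocations, which matches the gradual memory growth the description reports.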