Linux Kernel Stratix10-SVC Resource Leak Vulnerability in Memory Pool Management

A resource leak vulnerability has been identified in the Linux kernel's Stratix10 service layer driver. The issue arises in the 'svc_create_memory_pool()' function, which is called during the probe phase of the driver. While most resources are properly managed, the 'memremap()' call in this function is not, leading to a potential resource leak. The absence of a corresponding 'memunmap()' call further exacerbates the issue. To address this, the 'memremap()' call has been replaced with 'devm_memremap()', which automatically manages the memory mapping and unmapping, preventing the resource leak.

Impact

Exploitation of this vulnerability could lead to a resource leak, where memory is allocated but not properly released, potentially causing memory exhaustion over time.

Reproduction

The vulnerability can be reproduced by loading the Stratix10 service layer driver, which will invoke the 'svc_create_memory_pool()' function. This will trigger the 'memremap()' call without a proper unmapping, leading to the resource leak.

Remediation

The vulnerability has been addressed in the Linux kernel by updating the memory management in the Stratix10 service layer driver. Users should upgrade to the latest version of the Linux kernel where this fix has been applied.