Linux Kernel Memory Leak Vulnerability in Microchip VCAP API

A memory leak vulnerability has been identified in the Linux kernel's Microchip VCAP API, specifically within the 'vcap_dup_rule' function. This issue arises when the 'CONFIG_VCAP_KUNIT_TEST' option is selected. The vulnerability occurs because if the 'kzalloc' allocation for duplicating a rule is successful, but the subsequent 'kmemdup' operation fails, the memory allocated for the duplicate rule and its associated key and action fields will be leaked. The vulnerability can be reproduced by running a KUnit test that exercises the VCAP rule duplication functionality, under the specified configuration.

Impact

Exploitation of this vulnerability leads to a memory leak, where allocated memory is not properly freed, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

To reproduce this vulnerability, enable the 'CONFIG_VCAP_KUNIT_TEST' option in the Linux kernel configuration. Then, run the KUnit test suite, which will trigger the 'vcap_dup_rule' function. The vulnerability will manifest as a memory leak, observable through the KUnit test framework's reporting.

Remediation

The vulnerability has been addressed in the Linux kernel. Users should upgrade to the latest version where this issue has been fixed.