Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*, +4 more
A memory leak vulnerability has been identified in the Linux kernel's mlx5e flow steering component. In the 'mlx5e_fs_tt_redirect_any_create' function, the memory allocated to the 'fs->any' pointer is not freed when an error occurs, so the allocation is leaked on the error path. The vulnerability affects the Linux kernel stable tree.
The leaked memory is never released, which can increase memory usage and degrade system performance over time.
The leak can be reproduced by invoking 'mlx5e_fs_tt_redirect_any_create' within the mlx5e flow steering component. If an error occurs during the execution of this function, the 'fs->any' pointer is not freed. This can be observed by monitoring memory usage before and after the function call and noting the increase that is never released.
The vulnerability has been addressed in upstream commits 3250affdc658557a41df9c5fb567723e421f8bf2 and 75df2fe6d160e16be880aacacd521b135d7177c9. Users can apply the patch available in these commits to fix the memory leak issue.
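The error-path pattern described above, as an added user-space example that is not the kernel source or the content of the upstream commits. All struct and function names are hypothetical stand-ins, and an allocation counter takes the place of the before-and-after memory monitoring:

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed user-space model; all names are hypothetical, not kernel code. */
struct fs_any { int table_id; };
struct flow_steering { struct fs_any *any; };
static int live_allocs; /* allocations not yet freed */

static void *counted_alloc(size_t n) { void *p = calloc(1, n); if (p) live_allocs++; return p; }
static void counted_free(void *p) { if (p) live_allocs--; free(p); }

/* Stand-in for a later setup step that can fail after fs->any is allocated. */
static int create_table(struct flow_steering *fs, int fail)
{
    fs->any->table_id = 1;
    return fail ? -EINVAL : 0;
}

/* Leaky shape: the error return leaves fs->any allocated. */
int create_leaky(struct flow_steering *fs, int fail)
{
    fs->any = counted_alloc(sizeof(*fs->any));
    if (!fs->any) return -ENOMEM;
    return create_table(fs, fail); /* on error nobody frees fs->any */
}

/* Hardened shape: release the allocation before reporting the error. */
int create_fixed(struct flow_steering *fs, int fail)
{
    fs->any = counted_alloc(sizeof(*fs->any));
    if (!fs->any) return -ENOMEM;
    int err = create_table(fs, fail);
    if (err) { counted_free(fs->any); fs->any = NULL; }
    return err;
}

/* Forces `rounds` failures; returns how many allocations were left behind. */
int leaked_after(int (*create)(struct flow_steering *, int), int rounds)
{
    struct flow_steering fs = { 0 };
    int before = live_allocs;
    for (int i = 0; i < rounds; i++) create(&fs, 1);
    return live_allocs - before;
}

int main(void)
{
    printf("leaky=%d fixed=%d\n", leaked_after(create_leaky, 5), leaked_after(create_fixed, 5));
    return 0;
}
```

In the leaky variant every failed call leaves one allocation behind, which is the growth a before-and-after memory comparison would show.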