Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A memory leak vulnerability has been identified in the Linux kernel USB gadget driver, specifically in the gr_udc component. The issue arises when debugfs_lookup() is called and the reference it returns is never released with dput(), so memory leaks gradually. The vulnerability affects the stable versions of the Linux kernel.
Exploitation of this vulnerability causes a memory leak, which can accumulate over time and potentially lead to increased memory usage or exhaustion.
The vulnerability can be reproduced by using the gr_udc USB gadget driver and performing operations that involve the debugfs_lookup() function without properly releasing the reference with dput(). This can be done by modifying the driver code to omit the dput() call after using debugfs_lookup(), allowing the memory leak to occur.
The vulnerability has been addressed by modifying the gr_udc driver to use debugfs_lookup_and_remove(), which automatically handles the reference management and prevents the memory leak.
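The reference-count imbalance described above can be reproduced in a small userspace model. This is an added example, not gr_udc or kernel code: the `model_*` functions, `leaked_after()` and the entry name `gr_udc.0` are constructed for illustration, and the model assumes the looked-up entry is then removed, with a dentry reduced to a name and a reference count.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Userspace model (assumption): a dentry is just a name plus a refcount. */
struct model_dentry { char name[32]; int refs; };

static int live_objects;               /* allocated and not yet freed */
static struct model_dentry *dir_slot;  /* one-entry "directory" */

static void model_create(const char *name) {
    dir_slot = calloc(1, sizeof(*dir_slot));
    strncpy(dir_slot->name, name, sizeof(dir_slot->name) - 1);
    dir_slot->refs = 1;                /* reference held by the directory tree */
    live_objects++;
}
/* Models dput(): drop one reference, free the object on the last one. */
static void model_dput(struct model_dentry *d) {
    if (d && --d->refs == 0) { free(d); live_objects--; }
}
/* Models debugfs_lookup(): returns the entry with an extra reference
 * that the caller now owns and must release. */
static struct model_dentry *model_lookup(const char *name) {
    if (!dir_slot || strcmp(dir_slot->name, name) != 0) return NULL;
    dir_slot->refs++;
    return dir_slot;
}
/* Models removal: unlinks the entry and drops only the tree's reference. */
static void model_remove(struct model_dentry *d) {
    if (!d) return;
    dir_slot = NULL;
    model_dput(d);
}
/* Leaking pattern: the lookup reference is never released. */
static void remove_leaky(const char *name) { model_remove(model_lookup(name)); }
/* Fixed pattern, modelling debugfs_lookup_and_remove(): lookup, remove, dput. */
static void model_lookup_and_remove(const char *name) {
    struct model_dentry *d = model_lookup(name);
    if (!d) return;
    model_remove(d);
    model_dput(d);                     /* releases the lookup reference */
}
/* Runs n create/remove cycles; returns how many objects were never freed. */
int leaked_after(int n, int use_fix) {
    live_objects = 0;
    for (int i = 0; i < n; i++) {
        model_create("gr_udc.0");      /* constructed entry name */
        if (use_fix) model_lookup_and_remove("gr_udc.0");
        else remove_leaky("gr_udc.0");
    }
    return live_objects;
}
int main(void) {
    printf("leaky: %d, fixed: %d\n", leaked_after(1000, 0), leaked_after(1000, 1));
    return 0;
}
```

Each leaky cycle strands one object with a reference count of 1, which is why the leak grows with the number of create/remove cycles rather than with uptime alone.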