Linux Kernel USB SL811 Memory Leak Vulnerability

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's USB SL811 host controller driver. The driver calls 'debugfs_lookup()' without releasing the result; that result must be released with 'dput()', otherwise memory leaks over time. The vulnerability affects the stable versions of the Linux kernel.

Impact

The vulnerability leads to a memory leak, which can accumulate over time and potentially cause performance degradation or exhaustion of system resources.

Reproduction

The vulnerability can be reproduced by using the USB SL811 host controller driver in the Linux kernel. When 'debugfs_lookup()' is called without the corresponding 'dput()' to release the memory, a memory leak occurs. This can be observed by monitoring the system's memory usage over time, which will show an increase due to the unfreed memory.

Remediation

The vulnerability has been addressed in the Linux kernel by replacing 'debugfs_lookup()' with 'debugfs_lookup_and_remove()', which releases the looked-up entry itself, so the caller no longer needs a separate 'dput()'.
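
The reference-count behaviour behind the leak and the fix, as an added user-space model (not code from this page or from the kernel). The 'model_*' names, the "example" entry name and the assumption that the leaky caller passes the lookup result straight to a remove call are all constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Simplified user-space model of dentry refcounting (constructed, not kernel code). */
struct model_dentry { const char *name; int refcount; };
static struct model_dentry *slot;  /* one-entry "directory" */
static int live;                   /* allocated and not yet freed */
static void model_create(const char *name) {
    slot = calloc(1, sizeof(*slot));
    if (!slot) abort();
    slot->name = name;
    slot->refcount = 1;            /* reference held by the filesystem */
    live++;
}
/* Models dput(): drop one reference, free on the last one. */
static void model_dput(struct model_dentry *d) {
    if (d && --d->refcount == 0) { free(d); live--; }
}
/* Models debugfs_lookup(): the caller owns the reference returned. */
static struct model_dentry *model_lookup(const char *name) {
    if (!slot || strcmp(slot->name, name) != 0) return NULL;
    slot->refcount++;
    return slot;
}
/* Models debugfs_remove(): unlink, drop only the filesystem's reference. */
static void model_remove(struct model_dentry *d) {
    if (!d) return;
    slot = NULL;
    model_dput(d);
}
/* Models debugfs_lookup_and_remove(): lookup, remove, then dput. */
static void model_lookup_and_remove(const char *name) {
    struct model_dentry *d = model_lookup(name);
    if (!d) return;
    model_remove(d);
    model_dput(d);
}
/* Run n create/teardown cycles; return how many dentries leaked. */
static int leaked_after(int n, int fixed) {
    int start = live;
    for (int i = 0; i < n; i++) {
        model_create("example");   /* constructed entry name */
        if (fixed) model_lookup_and_remove("example");
        else model_remove(model_lookup("example")); /* lookup ref never dropped */
    }
    return live - start;
}
int main(void) { printf("%d %d\n", leaked_after(1000, 0), leaked_after(1000, 1)); return 0; }
```

Each leaky cycle strands one object, which is why the loss shows up only as a gradual rise in memory use rather than as an immediate fault.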

Added: Sep 18, 2025, 2:24 PM
Updated: Sep 18, 2025, 2:24 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 0.5
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.