Linux Kernel BPF CPUMAP Memory Leak Vulnerability

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's BPF CPUMAP implementation, specifically within the 'cpu_map_update_elem' function. The issue arises when 'kthread_stop' is called before the associated thread function has had a chance to execute, which prevents the proper release of memory resources. As a result, allocated objects remain unreferenced and cannot be freed. The vulnerability was reported by Syzkaller, which detected unreferenced objects that were not properly released.

Impact

Exploitation of this vulnerability leads to a memory leak: allocated memory is not properly released, which increases memory usage and can exhaust system resources.

Reproduction

The vulnerability can be reproduced by invoking the 'cpu_map_update_elem' function in a scenario where 'kthread_stop' is called before the corresponding thread function has executed. This can be achieved by using a workload that triggers the 'cpu_map_update_elem' function while simultaneously stopping the related kernel thread, creating a condition where the reference count of the CPU map entry does not reach zero, and the allocated resources are not released.
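To check a test kernel for the leak described above, the following added example (not part of the original advisory or of the kernel project) filters kmemleak-style "unreferenced object" reports for backtraces that pass through 'cpu_map_update_elem'. It assumes the kernel was built with CONFIG_DEBUG_KMEMLEAK and that the report text was read from /sys/kernel/debug/kmemleak; the sample report, its addresses and every symbol other than 'cpu_map_update_elem' are constructed for illustration.

```python
import re

TARGET = "cpu_map_update_elem"  # function named in the advisory
HEADER = re.compile(r"^unreferenced object (0x[0-9a-f]+) \(size (\d+)\):")
# Backtrace frame, with or without the leading "[<address>]" column.
FRAME = re.compile(r"^\s+(?:\[<[0-9a-f]+>\]\s+)?([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")

def parse_reports(text):
    """Split kmemleak output into records of address, size and backtrace symbols."""
    reports = []
    for line in text.splitlines():
        header = HEADER.match(line)
        if header:
            reports.append({"addr": header.group(1), "size": int(header.group(2)), "frames": []})
            continue
        frame = FRAME.match(line)
        if frame and reports:
            reports[-1]["frames"].append(frame.group(1))
    return reports

def cpumap_leaks(text, target=TARGET):
    """Keep only leaked objects whose allocation backtrace passes through target."""
    return [r for r in parse_reports(text) if target in r["frames"]]

# Constructed sample in kmemleak's report layout; addresses, sizes and pids are made up.
SAMPLE = """\
unreferenced object 0xffff888100a1c000 (size 256):
  comm "syz-executor", pid 4101, jiffies 4294950000 (age 12.300s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000aaaa0001>] kmalloc_node_trace+0x22/0xc0
    [<00000000aaaa0002>] __cpu_map_entry_alloc+0x5e/0x3a0
    [<00000000aaaa0003>] cpu_map_update_elem+0x2f0/0x3d0
unreferenced object 0xffff888100a1d000 (size 64):
  comm "syz-executor", pid 4101, jiffies 4294950001 (age 12.290s)
  backtrace:
    [<00000000aaaa0011>] __kmalloc_node+0x4c/0x150
    [<00000000aaaa0002>] __cpu_map_entry_alloc+0xb1/0x3a0
    [<00000000aaaa0003>] cpu_map_update_elem+0x2f0/0x3d0
unreferenced object 0xffff888100b20000 (size 128):
  comm "udevd", pid 212, jiffies 4294940000 (age 22.300s)
  backtrace:
    [<00000000bbbb0001>] kmalloc_trace+0x20/0x90
    [<00000000bbbb0002>] unrelated_driver_probe+0x44/0x120
"""

if __name__ == "__main__":
    print([(r["addr"], r["size"]) for r in cpumap_leaks(SAMPLE)])
```

A non-empty result on a kernel that should already carry the fix is a signal to recheck which kernel build is actually running.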

Remediation

Users can upgrade to the latest version of the Linux kernel, in which this vulnerability has been fixed. Instructions for downloading the patched version can be found in the official Linux kernel repository.

Added: Sep 18, 2025, 4:43 PM
Updated: Sep 18, 2025, 4:43 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 0.5
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.