Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*, +4 more
A memory leak vulnerability has been identified in the Linux kernel's handling of TCP and UDP sockets with zero-copy transmission and TX timestamping. This issue arises when a socket is closed before the transmitted data can be acknowledged, leading to unfreed memory and potential resource exhaustion. The vulnerability affects several versions of the Linux kernel.
Exploitation of this vulnerability leaks memory: unreferenced objects are not properly released, so memory usage grows and system resources can eventually be exhausted.
The vulnerability can be reproduced by creating a UDP socket and enabling zero-copy transmission and TX timestamping. After sending a zero-copy message, the socket is closed, which triggers the memory leak. This sequence can be automated with a script or program that performs the necessary socket operations.
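For triage, the sequence above can be searched for in syscall traces of existing applications. The following is an added example, not part of the original advisory: it assumes strace-style text output, uses a constructed sample trace, and the function name `find_risky_closes` is hypothetical. It flags only the call pattern; it cannot tell whether the data had already been acknowledged when the socket was closed.

```python
import re

# Constructed strace-style sample (not captured from a real system).
SAMPLE_TRACE = """\
socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP) = 3
setsockopt(3, SOL_SOCKET, SO_ZEROCOPY, [1], 4) = 0
setsockopt(3, SOL_SOCKET, SO_TIMESTAMPING, [SOF_TIMESTAMPING_TX_SOFTWARE], 4) = 0
sendto(3, "x", 1, MSG_ZEROCOPY, {sa_family=AF_INET, sin_port=htons(9), sin_addr=inet_addr("127.0.0.1")}, 16) = 1
close(3) = 0
socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP) = 3
setsockopt(3, SOL_SOCKET, SO_ZEROCOPY, [1], 4) = 0
sendto(3, "x", 1, MSG_ZEROCOPY, {sa_family=AF_INET, sin_port=htons(9), sin_addr=inet_addr("127.0.0.1")}, 16) = 1
close(3) = 0
socket(AF_INET, SOCK_STREAM, IPPROTO_TCP) = 4
setsockopt(4, SOL_SOCKET, SO_TIMESTAMPING, [SOF_TIMESTAMPING_TX_ACK], 4) = 0
sendto(4, "x", 1, 0, NULL, 0) = 1
close(4) = 0
"""

CALL = re.compile(r"^(\w+)\((.*)\)\s*=\s*(-?\d+)")
SEND_CALLS = ("send", "sendto", "sendmsg")
PATTERN = {"zerocopy", "tx_timestamp", "zerocopy_send"}

def find_risky_closes(trace):
    """Return (line_number, fd) for each close() of a socket that enabled
    SO_ZEROCOPY and TX timestamping and then sent with MSG_ZEROCOPY."""
    state = {}      # fd -> set of features seen since socket() returned it
    findings = []
    for lineno, line in enumerate(trace.splitlines(), 1):
        m = CALL.match(line.strip())
        if not m or int(m.group(3)) < 0:        # unparsed line or failed call
            continue
        name, args, ret = m.group(1), m.group(2), int(m.group(3))
        if name == "socket":
            state[ret] = set()                  # fresh state, also on fd reuse
            continue
        first = args.split(",", 1)[0].strip()
        if not first.isdigit() or int(first) not in state:
            continue
        fd, seen = int(first), state[int(first)]
        if name == "setsockopt" and "SO_ZEROCOPY, [1]" in args:
            seen.add("zerocopy")
        elif name == "setsockopt" and "SO_TIMESTAMPING" in args and "SOF_TIMESTAMPING_TX" in args:
            seen.add("tx_timestamp")
        elif name in SEND_CALLS and "MSG_ZEROCOPY" in args:
            seen.add("zerocopy_send")
        elif name == "close":
            if PATTERN <= seen:
                findings.append((lineno, fd))
            del state[fd]
    return findings
```

Processes that match on a kernel without the fix are candidates for priority patching.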
Users can upgrade to the latest version of the Linux kernel, where this vulnerability has been addressed. Instructions for upgrading can be found in the official Linux kernel documentation.