Linux Kernel Resource Leak Vulnerability in Device Management

A resource leak vulnerability has been identified in the Linux kernel's driver core, specifically within the device_add() function. When the kobject_add() call fails, device_add() attempts to free resources by calling cleanup_glue_dir(). However, because kobject_add() has already set dev->kobj.parent to NULL, this cleanup process is incomplete, leading to a resource leak. This issue can cause the mac80211_hwsim.ko module to fail to load, as the system will attempt to create a duplicate entry in the sysfs, which is not allowed. The vulnerability arises from a race condition between creating or querying the glue directory and its cleanup, which can be exploited by improperly managing device registrations.

Impact

The vulnerability can cause modules to fail to load due to sysfs conflicts, but it also represents a broader issue of resource management that could be exploited in other ways.

Reproduction

To reproduce this vulnerability, attempt to load the mac80211_hwsim.ko module into the Linux kernel. The module loading process will trigger the device_add() function, which will encounter the resource leak issue. The failure will be accompanied by a sysfs error indicating a duplicate filename, highlighting the conflict caused by the incomplete resource management.

Remediation

The vulnerability has been addressed in the Linux kernel. Users should upgrade to a version that includes the fix.