Linux Kernel Privilege Escalation Vulnerability in Perf Trace Component

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's perf trace component. This issue arises because the syscall trace fields in the evsel->priv area were not being properly freed, leading to memory leaks. The vulnerability is present in the Linux kernel stable tree. The leak was detected using AddressSanitizer, which revealed that 80 bytes of memory were leaked due to improper handling of syscall trace private data.
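The ownership bug described above can be modelled in a few lines. This is an added example, not the kernel's or perf's code: every struct and function name is illustrative, and the allocation counter stands in for the AddressSanitizer report.

```c
#include <stdio.h>
#include <stdlib.h>

/* Simplified model: all names are illustrative, not the kernel's definitions. */
static int live_allocs; /* outstanding heap blocks; stands in for the ASan report */

static void *counted_zalloc(size_t n)
{
    void *p = calloc(1, n);
    if (p) live_allocs++;
    return p;
}

static void counted_free(void *p)
{
    if (p) live_allocs--;
    free(p);
}

struct syscall_tp_model { long id_offset, args_offset; }; /* per-event trace fields */
struct evsel_model { void *priv; };                       /* event with a private area */

static struct evsel_model *evsel_model_new(void)
{
    struct evsel_model *e = counted_zalloc(sizeof(*e));
    if (e && !(e->priv = counted_zalloc(sizeof(struct syscall_tp_model)))) {
        counted_free(e); /* allocation-failure path must not leak the event */
        e = NULL;
    }
    return e;
}

/* Leaky teardown: frees the event but never its private area. */
static void delete_leaky(struct evsel_model *e) { counted_free(e); }

/* Corrected teardown: release the private area first, then the event. */
static void delete_fixed(struct evsel_model *e)
{
    if (e) counted_free(e->priv);
    counted_free(e);
}

/* Blocks still allocated after creating and tearing down n events. */
static int leaked_after(int n, void (*del)(struct evsel_model *))
{
    int before = live_allocs;
    for (int i = 0; i < n; i++) del(evsel_model_new());
    return live_allocs - before;
}

int main(void)
{
    printf("leaky: %d blocks\n", leaked_after(3, delete_leaky));
    printf("fixed: %d blocks\n", leaked_after(3, delete_fixed));
    return 0;
}
```

Building this with `-fsanitize=address` makes the leaky path show up as a real leak report at exit, which is how a missing free of this kind is normally caught.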

Impact

Exploitation of this vulnerability leads to memory leaks, which can cause increased memory usage and potential degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by using the 'perf trace' command with a sleep argument. This command will trigger the memory leak by adding new syscall trace events, which are not properly cleaned up afterwards.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. Instructions for upgrading the Linux kernel can be found in the official Linux documentation.

Added: Oct 7, 2025, 5:29 PM
Updated: Oct 7, 2025, 5:29 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 0.0
exploitability: 4.3
remediation: 7.7
relevance: 0.6
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.