Linux Kernel NVMe Core Dev PM Qos Memory Leak Vulnerability

A memory leak vulnerability has been identified in the NVMe core of the Linux kernel. This issue arises during the initialization of NVMe controllers, where user-defined latency tolerances are not properly managed, leading to unreferenced objects that can accumulate over time. The vulnerability has been addressed by modifying the error handling process to include a call that properly hides these latency tolerances, thereby preventing the memory leak.

Impact

Exploitation of this vulnerability can lead to a memory leak, where unreferenced objects are not properly cleaned up, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by using the 'blktests' framework, specifically the 'nvme/044' test, which checks bi-directional authentication. Before running the test, the 'kmemleak' feature should be cleared to prepare for memory leak detection. After the test is executed, 'kmemleak-scan' should be run to scan for memory leaks, followed by 'kmemleak-show' to display any unreferenced objects. The output will reveal the details of the memory leak, including the size of the unreferenced object and its age, indicating that the memory leak has occurred.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the patched version can be found in the Linux kernel documentation.