Linux Kernel USB Gadget Raw Driver Memory Leak Vulnerability

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's USB raw gadget driver. The issue arises because the driver's event queueing function can return an error after the device count has already been incremented. This error handling flaw prevents the proper release of device resources, leading to a memory leak. The vulnerability is present in the Linux kernel stable tree.

Impact

Exploitation of this vulnerability causes a memory leak, where allocated memory is not properly released, potentially leading to increased memory usage and exhaustion over time.

Reproduction

The vulnerability can be reproduced by loading the USB raw gadget driver and attempting to register a driver that queues events. If the event queueing fails, the driver will not properly release allocated resources, causing a memory leak. This can be observed in the kernel logs, where the raw gadget fails to queue events and reports errors.
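
The count ordering described under Vulnerability and the failed-registration sequence above can be modelled in userspace C. This is an added example, not kernel source and not part of the original advisory: every struct and function name is hypothetical, the queueing failure is constructed, and the correction shown is one possible fix, not necessarily the one applied upstream.

```c
#include <stdio.h>
#include <stdlib.h>
/* Userspace model only: every name below is hypothetical, not kernel code. */
struct model_dev { int count; int queue_full; /* 1 = queueing fails */ };
/* Drop one reference; returns 1 when that freed the object. */
static int dev_put(struct model_dev *d)
{
    if (--d->count)
        return 0;
    free(d);
    return 1;
}

static int queue_event(struct model_dev *d) { return d->queue_full ? -1 : 0; }

/* Flawed ordering: the count is raised before a call that can fail. */
static int bind_leaky(struct model_dev *d)
{
    d->count++;
    return queue_event(d); /* on error the extra reference is never dropped */
}

/* One possible correction: undo the increment on the error path. */
static int bind_fixed(struct model_dev *d)
{
    d->count++;
    int ret = queue_event(d);
    if (ret)
        dev_put(d);
    return ret;
}

/* Open, attempt a bind that fails, close; 1 = object leaked, 0 = freed. */
static int leaked_after_failed_bind(int (*bind)(struct model_dev *))
{
    struct model_dev *d = calloc(1, sizeof(*d));
    if (!d)
        return -1;
    d->count = 1;      /* reference held by the opener */
    d->queue_full = 1; /* constructed condition: force the queueing error */
    bind(d);
    return dev_put(d) ? 0 : 1; /* close drops the opener's reference */
}

int main(void)
{
    printf("leaky: %d, fixed: %d\n", leaked_after_failed_bind(bind_leaky),
           leaked_after_failed_bind(bind_fixed));
    return 0;
}
```

With the flawed ordering the count never returns to zero after the final release, so the object is never freed; each failed registration leaves one allocation behind.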

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. Instructions for upgrading the kernel can be found in the official Linux kernel documentation.

Added: Oct 22, 2025, 3:11 PM
Updated: Oct 22, 2025, 3:11 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 4.3
remediation: 7.7
relevance: 0.8
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.