Linux Kernel Memory Leak Vulnerability in Perf Tool X86 Component

A memory leak vulnerability has been identified in the Linux kernel's perf tool, specifically within the x86 component. This issue affects the stable versions of the Linux kernel. The vulnerability arises from a failure to release memory after it is no longer needed, which can lead to increased memory usage and potential performance degradation. The leak was detected by the LeakSanitizer, which reported a direct leak of 21 bytes in one allocation. This memory leak occurs during the processing of CPU information, particularly when the perf tool evaluates AMD CPUs. The issue is introduced when the 'perf_env__read_cpuid' function is called to retrieve CPU details, but the allocated memory is not properly freed before the function exits.

Impact

Exploitation of this vulnerability leads to a memory leak, where allocated memory is not released, potentially causing increased memory usage and degrading system performance over time.

Reproduction

The vulnerability can be reproduced by running the perf tool with a test command that triggers the 'perf_env__read_cpuid' function. This can be done by executing 'perf test' which runs built-in tests, including those that check CPU environment handling. The LeakSanitizer will then report the memory leak caused by the unfreed allocation.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. The specific commit that fixes this issue is '99d4850062a84564f36923764bb93935ef2ed108', which is available in the Linux kernel stable tree.