Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A vulnerability in the Linux kernel's PCI resource management can cause memory leaks by improperly handling root bus resources. This issue occurs on the r8a7791/koelsch platform, where the kernel fails to register valid root bus resources with an end value of zero. The problem arises during the coalescing of resource apertures, where the first resource is marked invalid but not all invalidated resources are correctly processed. As a result, certain resources are skipped, leading to unreferenced objects that create memory leaks.
The impact is a kernel memory leak: unreferenced objects are left behind in the kernel, where they can accumulate and potentially lead to increased memory usage or exhaustion.
The vulnerability can be reproduced on a system running the affected version of the Linux kernel on the r8a7791/koelsch platform. After the kernel has been booted, the command 'cat /sys/kernel/debug/kmemleak' can be used to observe the memory leak. The output will show an unreferenced object, indicating the presence of a memory leak caused by the vulnerability.
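To triage that output on a test system, the following added example (not code from the kernel or from this advisory) parses a kmemleak report and groups unreferenced objects by backtrace, keeping only groups with a frame that contains a keyword. The sample report is constructed, and the "pci" keyword and all frame names are assumptions, since the page does not list the actual backtrace.

```python
import re
from collections import Counter

# Constructed sample in the kmemleak report layout; addresses, sizes and
# frame names are placeholders, not output captured on r8a7791/koelsch.
SAMPLE = """\
unreferenced object 0xc3a34e00 (size 64):
  comm "swapper/0", pid 1, jiffies 4294937460 (age 199.080s)
  hex dump (first 32 bytes):
    b4 5d 81 f0 b4 5d 81 f0 c0 b0 a2 c3 00 00 00 00  .]...]..........
  backtrace:
    [<fe3aa979>] placeholder_alloc+0x30/0x44
    [<ad4ce8d0>] placeholder_pci_host_probe+0x8c/0x1a0
unreferenced object 0xc3a35100 (size 128):
  comm "kworker/0:1", pid 17, jiffies 4294938000 (age 190.000s)
  backtrace:
    [<11223344>] placeholder_alloc+0x30/0x44
    [<55667788>] placeholder_net_open+0x10/0x80
"""

HEADER = re.compile(r"^unreferenced object (0x[0-9a-f]+) \(size (\d+)\):")
COMM = re.compile(r'^\s+comm "([^"]*)", pid (\d+)')
FRAME = re.compile(r"^\s+\[<[0-9a-f]+>\] (\S+?)(?:\+0x[0-9a-f]+/0x[0-9a-f]+)?\s*$")

def parse_kmemleak(text):
    """Split a kmemleak report into one dict per unreferenced object."""
    records = []
    for line in text.splitlines():
        if m := HEADER.match(line):
            records.append({"addr": m[1], "size": int(m[2]),
                            "comm": None, "pid": None, "frames": []})
        elif not records:
            continue  # ignore anything before the first object header
        elif m := COMM.match(line):
            records[-1]["comm"], records[-1]["pid"] = m[1], int(m[2])
        elif m := FRAME.match(line):
            records[-1]["frames"].append(m[1])
    return records

def summarize(records, keyword="pci"):
    """Group leaks by backtrace; keep groups with a frame containing keyword."""
    count, total = Counter(), Counter()
    for r in records:
        if any(keyword in f for f in r["frames"]):
            key = tuple(r["frames"])
            count[key] += 1
            total[key] += r["size"]
    return [(k, count[k], total[k]) for k in count]

if __name__ == "__main__":
    for trace, n, size in summarize(parse_kmemleak(SAMPLE)):
        print(f"{n} object(s), {size} bytes: {' <- '.join(trace)}")
```

On a live system, pass the contents of /sys/kernel/debug/kmemleak to parse_kmemleak() in place of SAMPLE; comparing the summary before and after the upgrade shows whether the leaked objects are gone.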
Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. The specific commit that fixes this issue is available in the Linux kernel stable tree.