Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A memory leak vulnerability has been identified in the Linux kernel's IPv4 address management, specifically within the '__inet_del_ifa()' function. This issue arises when secondary IP addresses are not properly managed, leading to a loss of reference for the associated network device. The vulnerability can be reproduced by creating a bonded network interface, promoting secondary IP addresses, and then deleting primary addresses, which causes the secondary addresses to be lost while leaving behind unused memory. This leak includes references to both the in_device and net_device structures, potentially leading to further issues in network management.
Exploitation of this vulnerability causes a memory leak of secondary IP addresses, along with their associated in_device and net_device references, which could disrupt normal network operations and management.
To reproduce this vulnerability, create a bonded network interface named 'bond0' and enable the promotion of secondary IP addresses. Then, add a primary IP address followed by a secondary IP address. After deleting the primary IP address, the secondary one will be lost, causing a memory leak. The 'bond0' interface can then be deleted, but a warning will indicate that the interface is still in use, highlighting the leaked references.
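A check for the symptom described above, as an added example that is not part of the original advisory or of the kernel's own code: it scans kernel log text for the `unregister_netdevice: waiting for ... to become free` message the kernel prints while a device being deleted still has references held, and lists interfaces that have `promote_secondaries` enabled. It assumes that message is the warning the reproduction refers to; the function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the advisory): detect net_device references
# that were never released, and find interfaces where secondary-address
# promotion is switched on.

# Reads kernel log text on stdin (for example from `dmesg` or
# `journalctl -k`) and prints one line per stuck interface:
#   <ifname> <highest usage count seen> <number of warnings>
leaked_netdev_refs() {
    sed -n 's/.*unregister_netdevice: waiting for \([^ ]*\) to become free\. Usage count = \([0-9][0-9]*\).*/\1 \2/p' |
    awk '{ n[$1]++; if ($2 + 0 > max[$1] + 0) max[$1] = $2 }
         END { for (i in n) print i, max[i], n[i] }' |
    sort
}

# Prints the interfaces whose promote_secondaries sysctl is 1.
# $1 is the sysctl directory; it defaults to the live /proc tree and is
# a parameter only so the function can be pointed at a test fixture.
promote_secondaries_enabled() {
    root=${1:-/proc/sys/net/ipv4/conf}
    for f in "$root"/*/promote_secondaries; do
        [ -r "$f" ] || continue
        [ "$(cat "$f")" = "1" ] || continue
        basename "$(dirname "$f")"
    done
}

# Constructed sample log: timestamps and surrounding lines are made up.
SAMPLE_LOG='[  101.220412] bond0: (slave eth1): Releasing backup interface
[  112.334455] unregister_netdevice: waiting for bond0 to become free. Usage count = 2
[  122.574321] unregister_netdevice: waiting for bond0 to become free. Usage count = 2
[  130.000001] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready'

# Runs the log check over the constructed sample.
sample_report() {
    printf '%s\n' "$SAMPLE_LOG" | leaked_netdev_refs
}

sample_report
```

On a live host, `dmesg | leaked_netdev_refs` and `promote_secondaries_enabled` with no argument give the same two views from the running kernel.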
Users can apply the available patch in the Linux kernel stable tree to address this vulnerability.