Linux Kernel Memory Leak Vulnerability in RTL8712 Driver

A memory leak vulnerability has been identified in the Linux kernel's RTL8712 wireless driver, specifically within the '_r8712_init_xmit_priv()' function. This issue arises when memory is allocated in multiple stages; if the initial allocation succeeds but a subsequent one fails, the function fails to release the previously allocated memory, leading to a leak. The vulnerability affects several versions of the Linux kernel.

Impact

Exploitation of this vulnerability can lead to a memory leak, where allocated memory is not properly released, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by loading the RTL8712 wireless driver in the Linux kernel. The '_r8712_init_xmit_priv()' function will be called during the initialization process. If the function encounters a failure in one of the later memory allocation stages after an initial successful allocation, the routine will leak memory. This can be observed by monitoring the system's memory usage, which will show an increase due to the unfreed allocated memory.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability. The patch can be downloaded from the Linux kernel Git repository.