Linux Kernel UBIFS Memory Leak Vulnerability in Old Index Insertion

A memory leak vulnerability has been identified in the Linux kernel's UBIFS (Unsorted Block Image File System) component. This issue arises when the 'insert_old_idx()' function fails, leading to a memory leak for a copied-up znode. The vulnerability is present in the Linux kernel stable tree. The problem occurs because the 'copy_znode()' function, which handles resource allocation and znode replacement, is not properly managing memory during error conditions. As a result, references to the znode are lost, causing a memory leak. The old index insertion process can also be disrupted, potentially leading to further issues.

Impact

The vulnerability causes a memory leak by failing to release allocated resources for znodes that are copied but not properly indexed, leading to increased memory usage over time.

Reproduction

The vulnerability can be reproduced by copying a znode using the 'copy_znode()' function and then attempting to insert an old index with 'insert_old_idx()'. If the index insertion fails, the copied znode is left unreferenced, causing a memory leak.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed.