Linux Kernel Memory Leak Vulnerability in RAID 10 Component

A memory leak vulnerability has been identified in the Linux kernel's RAID 10 implementation. During the error handling process of the 'raid10_run()' function, a configuration structure ('conf') is supposed to be freed. However, the 'bio_split' member of this structure is overlooked, leading to a memory leak. This issue arises because there are three different points in the code where 'conf' can be freed, creating confusion about the proper management of memory resources.

Impact

Exploitation of this vulnerability leads to a memory leak, where allocated memory is not properly released, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by triggering an error in the 'raid10_run()' function, which will cause the 'conf' structure to be freed improperly, leaving the 'bio_split' member allocated and unfreed, thus creating a memory leak.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. Instructions for upgrading the kernel can be found in the official Linux kernel documentation.