Linux Kernel Blktrace Debugfs Entries Leakage Vulnerability

A vulnerability in the Linux kernel's handling of blktrace can lead to a leakage of debugfs entries. This issue arises in a specific scenario where blktrace is enabled via ioctl after the disk has been marked for deletion with del_gendisk(), but before the corresponding debugfs entries have been removed. The vulnerability affects the stable versions of the Linux kernel.

Impact

The vulnerability causes a leakage of debugfs entries, which can lead to information disclosure or confusion during debugging processes.

Reproduction

To reproduce this vulnerability, open a disk before calling del_gendisk(). After the disk is deleted, enable blktrace through ioctl without shutting it down first. Once the disk is closed, the debugfs entries will remain, causing a leak.

Remediation

The vulnerability has been addressed by modifying the disk_release function to include a call to blk_trace_remove, ensuring that blktrace is properly shut down before the disk is fully closed.