Linux Kernel Memory Leak Vulnerability in ThinkStation WMI Parsing

A memory leak vulnerability has been identified in the Linux kernel's handling of ThinkStation WMI strings. This issue arises in the platform/x86: think-lmi component, where a previous commit failed to properly free allocated memory after parsing WMI data. The vulnerability affects several versions of the Linux kernel.

Impact

Exploitation of this vulnerability leads to a memory leak, where allocated memory is not properly released, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by using a version of the Linux kernel that includes the faulty WMI string parsing logic. When the ThinkStation WMI strings are parsed, the allocated memory for certain items is not freed, creating a memory leak.

Remediation

Users can upgrade to the latest version of the Linux kernel, where this vulnerability has been addressed. Instructions for downloading the patched kernel can be found on the official Linux kernel website.