Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A vulnerability in the Linux kernel's handling of the fremovexattr() system call can lead to a local denial-of-service condition. The issue arises because fremovexattr() calls fdget() to obtain a file reference but fails to release it with fdput() if strncpy_from_user() encounters an error with the name argument. This oversight can cause a permanent leak of file references, particularly in multi-threaded processes where fdget() is slower, leading to unnecessary memory consumption. An unprivileged local user could exploit this flaw to exhaust kernel memory resources. The vulnerability affects the Linux kernel stable tree.
Exploitation of this vulnerability causes kernel memory exhaustion, which can lead to a denial-of-service condition by depleting available memory resources.
The vulnerability has been fixed in the Linux kernel stable tree. Users can upgrade to the latest version to address this issue.
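The missing-release pattern described above, next to one way to close it, as an added userspace model in C. It is not kernel source and not the upstream patch; `struct file`, the `model_*` helpers and both `fremovexattr_*` functions are simplified stand-ins, and the inputs in `main` are constructed.

```c
/* Userspace model, not kernel source: names follow the advisory, bodies are simplified. */
#include <errno.h>
#include <stddef.h>
#include <string.h>
#define XATTR_NAME_MAX 255
struct file { long refcount; };   /* stand-in for the kernel's struct file */

/* Model of fdget()/fdput() for the case where a real reference is taken. */
static struct file *model_fdget(struct file *f) { f->refcount++; return f; }
static void model_fdput(struct file *f) { f->refcount--; }

/* Model of strncpy_from_user(): NULL stands in for a faulting user pointer. */
static long model_copy_name(char *dst, const char *src, size_t max)
{
    size_t len = src ? strlen(src) : 0;
    if (src == NULL) return -EFAULT;
    if (len == 0 || len >= max) return -ERANGE;
    memcpy(dst, src, len + 1);
    return (long)len;
}

/* The flaw as described: the error return skips the release. */
static long fremovexattr_buggy(struct file *file, const char *uname)
{
    char kname[XATTR_NAME_MAX + 1];
    struct file *f = model_fdget(file);
    long err = model_copy_name(kname, uname, sizeof(kname));
    if (err < 0) return err;      /* reference is still held here: leak */
    model_fdput(f);               /* attribute removal omitted from the model */
    return 0;
}

/* Hardened form: every exit after model_fdget() passes through model_fdput(). */
static long fremovexattr_fixed(struct file *file, const char *uname)
{
    char kname[XATTR_NAME_MAX + 1];
    struct file *f = model_fdget(file);
    long err = model_copy_name(kname, uname, sizeof(kname));
    if (err >= 0) err = 0;        /* attribute removal omitted from the model */
    model_fdput(f);               /* single release covers success and error */
    return err;
}

int main(void)
{
    struct file a = { 1 }, b = { 1 };   /* constructed: one reference held elsewhere */
    fremovexattr_buggy(&a, NULL);
    fremovexattr_fixed(&b, NULL);
    return (a.refcount == 2 && b.refcount == 1) ? 0 : 1;
}
```

In the model, each failed name copy through the buggy path leaves the count one higher than before, which is the leak the description attributes to the missing fdput().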