Linux Kernel Remoteproc Memory Leak Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's remoteproc core. When a remote processor is attached using rproc_attach(), and the function rproc_handle_resources() fails, the clean table is not properly released. This oversight leads to a memory leak, leaving unreferenced objects in memory. The leaked memory can be observed as an unreferenced object of size 1024, associated with a specific kernel worker process.

Impact

The vulnerability causes a memory leak, leading to unreferenced objects remaining in memory, which can accumulate and potentially cause issues such as exhausting available memory resources.

Reproduction

The vulnerability can be reproduced by attaching a remote processor using rproc_attach() while rproc->state is set to RPROC_DETACHED. If rproc_handle_resources() fails after the attachment, the clean table is not released, causing a memory leak. This can be verified by checking for unreferenced objects in memory, which indicate the leak.