Linux Kernel FastRPC Miscellaneous Map Leak Vulnerability

A vulnerability in the Linux kernel's FastRPC implementation can lead to a map leak. This issue arises in the 'fastrpc_put_args' function, where a failure in the 'copy_to_user' operation causes an early return without properly cleaning up the file descriptor list. The fdlist, updated by the Digital Signal Processor (DSP), remains uncleared, potentially leading to a map leak. The vulnerability affects several versions of the Linux kernel.

Impact

The vulnerability could be exploited to cause a map leak, where mapped buffers are not properly released, potentially leading to resource management issues.

Reproduction

The vulnerability can be reproduced by invoking the FastRPC context with a scenario that causes the 'copy_to_user' function to fail. This failure triggers an early return in the 'fastrpc_put_args' function without cleaning up the fdlist, which has been modified by the DSP. As a result, the uncleared fdlist can lead to a map leak.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. Instructions for downloading the patched version are available on the official Linux kernel website.