Linux Kernel CIFS Memory Leak Vulnerability in SMB3 File System Context Parsing

Vulnerability

A memory leak vulnerability has been addressed in the Linux kernel's CIFS (Common Internet File System) implementation, specifically within the SMB3 (Server Message Block version 3) file system context parsing. The issue arose in the error handling path of the 'smb3_fs_context_parse_param' function, where memory allocated for source strings was not properly freed in certain error scenarios. This oversight led to a memory leak when processing 'Opt_source' mount options, particularly if an error occurred after the source strings were allocated but before the function could complete. The vulnerability was identified by syzbot, a tool for finding bugs in the Linux kernel.
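The leak pattern described above, reduced to a userspace C model. This is an added illustration, not the kernel's code or the upstream patch: `demo_ctx`, `parse_source`, the `fixed` switch, the `//` prefix check and the allocation counter are all hypothetical names and assumptions.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>

/* Userspace model only: every name below is hypothetical, none is kernel code. */
struct demo_ctx { char *source; char *unc; };
static int live_allocs;                 /* allocations not yet freed */

static char *dup_tracked(const char *s)
{
    char *p = malloc(strlen(s) + 1);
    if (p) { strcpy(p, s); live_allocs++; }
    return p;
}

static void free_tracked(char **pp)
{
    if (*pp) { free(*pp); *pp = NULL; live_allocs--; }
}

/* fixed == 0: the error path returns with both copies still allocated.
 * fixed != 0: the error path frees them and clears the pointers. */
static int parse_source(struct demo_ctx *ctx, const char *val, int fixed)
{
    int rc = -ENOMEM;
    ctx->source = dup_tracked(val);
    ctx->unc = ctx->source ? dup_tracked(val) : NULL;
    if (ctx->unc)   /* stand-in for a later step that can reject the value */
        rc = strncmp(ctx->unc, "//", 2) ? -EINVAL : 0;
    if (rc && fixed) {
        free_tracked(&ctx->unc);
        free_tracked(&ctx->source);
    }
    return rc;
}

/* Allocations a failed parse leaves behind; "not-a-unc" is constructed input. */
int left_after_failed_parse(int fixed)
{
    struct demo_ctx ctx = { NULL, NULL };
    int before = live_allocs;
    int rc = parse_source(&ctx, "not-a-unc", fixed);
    int left = live_allocs - before;
    free_tracked(&ctx.unc);             /* demo cleanup only */
    free_tracked(&ctx.source);
    return rc == -EINVAL ? left : -1;
}
```

With `fixed` set to 0, each rejected value leaves two allocations behind, which is why repeated failed parses grow memory use over time; with `fixed` set to 1 the count returns to zero.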

Impact

The vulnerability could lead to a memory leak, where allocated memory is not properly released, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by mounting a CIFS file system with 'Opt_source' mount options. If an error occurs during the parsing of these options, the allocated memory for the source strings will not be freed, leading to a memory leak.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.

Added: Dec 16, 2025, 4:20 PM
Updated: Dec 16, 2025, 4:20 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 5.7
remediation: 7.7
relevance: 1.5
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.