Linux Kernel Kfree Memory Deallocation Vulnerability in Nouveau Firmware Handling

A memory management vulnerability has been identified in the Linux kernel's Nouveau graphics driver. Specifically, the issue arises in the handling of firmware for the Falcon component, where the 'boot' attribute of 'nvkm_falcon_fw' is allocated but not properly freed. This oversight leads to memory leaks, as indicated by a kmemleak warning. The vulnerability affects the Linux kernel stable tree.

Impact

The vulnerability can cause memory leaks, where allocated memory is not properly released, potentially leading to increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by allocating firmware for the Falcon component in the Nouveau driver without properly freeing the 'boot' attribute of 'nvkm_falcon_fw'. This can be done by using the Nouveau driver with Falcon firmware that is not managed correctly, leading to a kmemleak warning about the unfreed memory.

Remediation

The vulnerability has been addressed by adding the missing kfree() function to deallocate the 'boot' attribute in the Nouveau Falcon firmware destructor. Users can apply the latest patches available in the Linux kernel stable tree to remediate this issue.