Linux Kernel Netpoll Reference Count Vulnerability Leading to Memory Leaks

A vulnerability in the Linux kernel's netpoll feature has been identified, where improper handling of reference counts during cleanup processes can lead to memory leaks. This issue arises when multiple netpoll instances are associated with the same network interface card (NIC). The first netpoll instance to clean up incorrectly sets the device's netpoll information reference to NULL without properly decrementing the reference count. As a result, subsequent cleanup attempts for other netpoll instances fail, causing leaks of netpoll information and associated socket buffer pools. This vulnerability has been addressed by reverting the problematic commit and ensuring that netpoll information cleanup only occurs when the reference count reaches zero.

Impact

The vulnerability can cause memory leaks by failing to properly clean up netpoll information and associated socket buffers, as reported by the kernel's memory leak detection feature.

Reproduction

To reproduce this vulnerability, associate two netpoll instances with the same NIC. The first instance will clean up and nullify the netpoll information reference without proper cleanup, while the second instance will fail to clean up, leading to a memory leak.

Remediation

Users can update to the latest version of the Linux kernel where this vulnerability has been fixed.