Linux Kernel Netrom Memory Leak Vulnerability in nr_sendmsg Function

A memory leak vulnerability has been identified in the Linux kernel's Netrom implementation, specifically within the nr_sendmsg function. This issue arises when the sock_alloc_send_skb function returns NULL in the nr_output function. In such cases, the original socket buffer (skb), which was allocated in nr_sendmsg, is not properly freed. The vulnerability affects several versions of the Linux kernel.

Impact

Exploitation of this vulnerability leads to a memory leak, where allocated memory is not released, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by sending a message through a Netrom socket using a kernel version that is affected by this issue. The nr_output function will be called, and if sock_alloc_send_skb returns NULL, the skb allocated in nr_sendmsg will not be freed, causing a memory leak.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. The commit addressing this issue is available in the Linux kernel stable tree.