Linux Kernel ksmbd Memory Leak Vulnerability in File Information Retrieval

A memory leak vulnerability has been identified in the Linux kernel's ksmbd component, specifically within the file information retrieval function get_file_all_info(). When the virtual file system's getattr function fails, the get_file_all_info() function exits prematurely without releasing the allocated filename, resulting in a memory leak. This issue has been addressed by modifying the function to free the filename before returning in the event of an error.

Impact

Exploitation of this vulnerability leads to a memory leak, where allocated memory is not properly released, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by invoking the get_file_all_info() function in the ksmbd component of the Linux kernel. When the vfs_getattr() function fails, the get_file_all_info() function returns without freeing the allocated filename, causing a memory leak. This behavior can be observed by monitoring memory usage before and after the function call, noting the failure of vfs_getattr() and the subsequent lack of memory being freed.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability. The patch can be downloaded from the Linux kernel Git repository.