Linux Kernel mcba_usb URB Memory Leak Vulnerability

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's mcba_usb CAN bus driver. This issue arises in the handling of USB transfer requests (URBs) for incoming data. When URBs are processed and completed, they are not properly released, leading to a memory leak. The problem occurs because the USB framework unanchors the URB before the completion callback is executed, causing the URB to be lost and not freed as expected. This vulnerability affects the stable versions of the Linux kernel.

Impact

Exploitation of this vulnerability leads to a memory leak, where allocated resources are not properly released, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by using the Microchip CAN Bus Analyzer with the Linux kernel's mcba_usb driver. When USB-in transfer URBs are allocated and submitted, they are unanchored before the completion callback processes them and are not anchored again. The URBs are then lost and never freed, creating a memory leak.
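The anchor lifecycle described above can be followed in a small user-space model. This is an added example, not the driver's or the kernel's code: the struct, the function names and NUM_URBS are hypothetical, and the re-anchoring variant is an assumption about the shape of the correction, which this page does not detail.

```c
#include <stdbool.h>
#include <stdio.h>
#define NUM_URBS 4   /* constructed value, not the driver's real RX URB count */
struct urb { bool anchored, freed; };   /* simplified model of a URB */
static void anchor_urb(struct urb *u)   { u->anchored = true; }
static void unanchor_urb(struct urb *u) { u->anchored = false; }

/* Modelled completion callback: process the data, then resubmit the URB. */
static void read_callback(struct urb *u, bool reanchor)
{
    if (reanchor)
        anchor_urb(u);   /* corrected pattern: back on the anchor first */
}

/* The framework takes the URB off its anchor before running the callback. */
static void complete_urb(struct urb *u, bool reanchor)
{
    unanchor_urb(u);
    read_callback(u, reanchor);
}

/* Teardown frees every URB still on the anchor, and only those. */
static void kill_anchored(struct urb *urbs, int n)
{
    for (int i = 0; i < n; i++)
        if (urbs[i].anchored)
            urbs[i].freed = true;
}

/* open -> `completions` receive events -> close; returns URBs never freed. */
int leaked_urbs(int completions, bool reanchor)
{
    struct urb urbs[NUM_URBS] = {0};
    int leaked = 0;
    for (int i = 0; i < NUM_URBS; i++)
        anchor_urb(&urbs[i]);             /* allocate, anchor, submit */
    for (int c = 0; c < completions; c++)
        complete_urb(&urbs[c % NUM_URBS], reanchor);
    kill_anchored(urbs, NUM_URBS);
    for (int i = 0; i < NUM_URBS; i++)
        leaked += !urbs[i].freed;
    return leaked;
}

int main(void)
{
    printf("leaked: %d buggy, %d fixed\n", leaked_urbs(10, false), leaked_urbs(10, true));
    return 0;
}
```

In the model, only URBs that never completed are released at teardown unless the callback re-anchors them, so the leak grows with the number of URBs that have seen traffic and is capped by the pool size per open/close cycle.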

Remediation

The vulnerability has been addressed in the Linux kernel. Users can upgrade to the latest version of the stable Linux kernel to apply the fix.

Added: Feb 4, 2026, 6:06 PM
Updated: Feb 4, 2026, 6:06 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 5.0
remediation: 7.7
relevance: 2.7
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.