Linux Kernel NVMe/FC Controller Admin Tagset Memory Leak Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's NVMe over Fibre Channel (NVMe/FC) controller management. This issue arises during the initialization process of an NVMe/FC controller, where the admin block layer queue resources are allocated. If the initialization fails at any stage, the controller references are torn down, but the admin queue allocations are not freed, leading to a memory leak. This leaked memory allocation has been reported by the kernel's memory leak detector (kmemleak) during NVMe/FC block tests.

Impact

The vulnerability causes a memory leak by failing to release allocated resources for the NVMe/FC controller's admin tagset when the controller initialization process encounters an error. This leak can accumulate over time, potentially leading to increased memory usage and degradation of system performance.

Reproduction

To reproduce this vulnerability, create an NVMe/FC controller using the NVMe fabrics subsystem. During the initialization process, intentionally cause a failure after the controller has been added but before the initialization is complete. This can be done by simulating a failure in the controller state change or the connection scheduling process. Once the failure occurs, the controller will be torn down, but the admin tagset allocations will remain unreleased, causing a memory leak.

Remediation

The vulnerability has been addressed in the Linux kernel. Users should upgrade to the latest version where this issue has been fixed.