Linux Kernel NFC NCI Protocol Early Error Path Memory Leak Vulnerability

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's NFC NCI protocol implementation. The issue arises in the 'nci_transceive' function, which owns the socket buffer (skb) passed to it but does not free that buffer when it returns early on certain error conditions. The leaked buffers show up as unreferenced objects in reports from the kernel's memory leak tracking system, 'kmemleak'. The vulnerability is present in the Linux kernel stable tree.
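The leak pattern described above, as a userspace C model added here for illustration; it is not kernel code and not the upstream patch. The pool allocator, the 'struct dev' fields and the two error checks are hypothetical stand-ins for the skb allocator and the early error conditions.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
/* Fixed pool stands in for the skb allocator (constructed for this example). */
struct buf { bool in_use; unsigned char data[32]; };
static struct buf pool[8];
static int live;                    /* buffers currently allocated */

static struct buf *buf_alloc(void)
{
    for (size_t i = 0; i < sizeof(pool) / sizeof(pool[0]); i++)
        if (!pool[i].in_use) { pool[i].in_use = true; live++; return &pool[i]; }
    return NULL;
}
static void buf_free(struct buf *b) { if (b && b->in_use) { b->in_use = false; live--; } }

/* Hypothetical device state; the two checks below are stand-in error conditions. */
struct dev { bool has_conn; bool busy; struct buf *tx; };

/* Leaky shape: the callee owns b, but both early returns drop it unfreed. */
static int transceive_leaky(struct dev *d, struct buf *b)
{
    if (!d->has_conn) return -EPROTO;
    if (d->busy) return -EBUSY;
    d->tx = b;                      /* success: buffer handed to the TX path */
    return 0;
}

/* Fixed shape: every early exit frees the buffer before returning. */
static int transceive_fixed(struct dev *d, struct buf *b)
{
    int rc;
    if (!d->has_conn) { rc = -EPROTO; goto free_buf; }
    if (d->busy) { rc = -EBUSY; goto free_buf; }
    d->tx = b;                      /* success: ownership moves to the device */
    return 0;
free_buf:
    buf_free(b);
    return rc;
}

/* Drive both error paths with fresh buffers; return how many stay allocated. */
static int leaked_after(int (*fn)(struct dev *, struct buf *))
{
    struct dev no_conn = { false, false, NULL }, busy = { true, true, NULL };
    int before = live;
    fn(&no_conn, buf_alloc());
    fn(&busy, buf_alloc());
    return live - before;
}
int main(void) { return leaked_after(transceive_fixed); } /* exit status 0: nothing leaked */
```

Callers of a function with this contract must not free the buffer themselves after an error, so the only place the early-exit leak can be closed is inside the callee.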

Impact

The vulnerability causes a memory leak by failing to free socket buffers in the NFC NCI protocol, leading to unreferenced objects that can accumulate and cause issues over time.

Reproduction

The vulnerability can be reproduced by running the NFC NCI device self-test, which occasionally triggers the error paths in the 'nci_transceive' function. This can be done using a device that supports NFC and by executing the relevant self-test procedures. The 'kmemleak' feature should be enabled to detect the resulting memory leak.

Remediation

The vulnerability has been fixed in the Linux kernel. Users should upgrade to the latest version where this issue has been addressed.

Added: Mar 25, 2026, 12:24 PM
Updated: Mar 25, 2026, 12:24 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 3.9
remediation: 7.7
relevance: 4.7
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.