Linux Kernel nf_tables Dynamic Set Memory Leak Vulnerability

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's nf_tables component, specifically within the dynamic set handling. When cloning a stateful expression during the processing of elements, if the operation fails, the previously cloned expression is not released, leading to a memory leak. This unreferenced object remains allocated on a per-CPU basis, causing a resource management issue. The vulnerability was introduced in a commit that generalized set extensions to support multiple expressions, and it affects the stable branch of the Linux kernel.

Impact

Exploitation of this vulnerability can lead to a memory leak, where allocated resources are not properly released, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by creating a dynamic set in nf_tables that includes stateful expressions. During the setup process, if the cloning of the second expression fails, the first expression will remain allocated but unreferenced, causing a memory leak. This can be observed by monitoring memory usage or using debugging tools to track allocated but unused objects.
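The error-path pattern described above, as an added model written for this page (it is not the kernel's nft_dynset code; the `expr`, `expr_clone`, `expr_destroy` names and the `fail_on_clone` fault-injection counter are assumptions): the leaky clone loop beside a variant that unwinds the clones already made before returning the error.

```c
#include <stdlib.h>
/* Model of the bug pattern only; none of these are the kernel's own types or functions. */
struct expr { int id; };
static int live_exprs;     /* expressions allocated and not yet destroyed */
static int fail_on_clone;  /* constructed fault: fail the Nth clone (1-based), 0 = never fail */

static struct expr *expr_clone(const struct expr *src, int nth)
{
    struct expr *e = (fail_on_clone == nth) ? NULL : malloc(sizeof *e); /* NULL = simulated -ENOMEM */
    if (e) { e->id = src->id; live_exprs++; }
    return e;
}

static void expr_destroy(struct expr *e) { free(e); live_exprs--; }

/* Leaky pattern: a failed clone returns at once, abandoning the clones already made. */
static int clone_exprs_leaky(const struct expr *src, int n, struct expr **dst)
{
    for (int i = 0; i < n; i++)
        if (!(dst[i] = expr_clone(&src[i], i + 1)))
            return -1;                         /* dst[0..i-1] stay allocated and unreferenced */
    return 0;
}

/* Fixed pattern: release every clone made so far before reporting the error. */
static int clone_exprs_fixed(const struct expr *src, int n, struct expr **dst)
{
    for (int i = 0; i < n; i++) {
        if ((dst[i] = expr_clone(&src[i], i + 1)))
            continue;
        while (--i >= 0) {                     /* unwind in reverse order */
            expr_destroy(dst[i]);
            dst[i] = NULL;
        }
        return -1;
    }
    return 0;
}

/* Two expressions, second clone forced to fail; returns how many clones stay allocated. */
static int leaked_after_failed_clone(int (*clone_fn)(const struct expr *, int, struct expr **))
{
    struct expr src[2] = { { 1 }, { 2 } }, *dst[2] = { NULL, NULL };
    live_exprs = 0;
    fail_on_clone = 2;
    if (clone_fn(src, 2, dst) == 0)
        return -1;                             /* cannot happen: the failure was injected */
    return live_exprs;                         /* 1 for the leaky variant, 0 for the fixed one */
}
```

The same counter approach is what kernel memory-leak tooling (kmemleak) automates: an object still allocated with no remaining reference after the error path is exactly what the Reproduction section says to watch for.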

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. Instructions for downloading the patched version can be found in the Linux kernel documentation.

Added: Mar 28, 2026, 8:18 AM
Updated: Mar 28, 2026, 8:18 AM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.3
remediation: 7.7
relevance: 4.8
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.