Linux Kernel ftgmac100 Driver Resource Leak Vulnerability

A resource leak vulnerability has been identified in the Linux kernel's ftgmac100 network driver. The issue arises in the ftgmac100_alloc_rings function, which allocates various resources in stages. If an allocation fails, the function previously returned an error code without properly freeing the resources that had already been allocated, leading to a memory leak. The vulnerability affects the Linux kernel stable tree.

Impact

The vulnerability can lead to a memory leak, where allocated resources are not properly freed, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by invoking the ftgmac100_alloc_rings function in the ftgmac100 network driver. The function will attempt to allocate resources for transmit and receive descriptors, scratch buffers, and socket buffers. If any of these allocations fail, the function will leak the resources that were successfully allocated before the failure, as it does not properly clean up after itself.

Remediation

The vulnerability has been addressed in the Linux kernel stable tree. Users can upgrade to the latest version of the stable kernel to apply the fix.