Linux Kernel RTL8723BS Memory Leak Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's RTL8723BS staging driver. The issue arises in the 'rtw_cfg80211_inform_bss' function, where the 'cfg80211_inform_bss_frame' call may return NULL on failure. In such cases, the allocated buffer 'buf' is not freed, leading to a memory leak. This vulnerability affects several versions of the Linux kernel.

Impact

Exploitation of this vulnerability can lead to a memory leak, where allocated memory is not properly released, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by invoking the 'rtw_cfg80211_inform_bss' function in the RTL8723BS staging driver. When 'cfg80211_inform_bss_frame' returns NULL, the allocated buffer 'buf' is not freed, causing a memory leak. This scenario can be triggered by simulating a failure in the BSS frame handling process.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. The official Linux Kernel Git repository can be used to download the patched version.