Linux Kernel NCSI Component Memory Leak Vulnerability

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's Network Controller Sideband Interface (NCSI) component. This issue arises because the NCSI AEN (Asynchronous Event Notification) and response handlers do not properly release the received socket buffers (skbs) in certain error scenarios. Specifically, the AEN handler returns early on invalid packets without freeing the skb, and the response handler fails to release the skb when it cannot resolve the NCSI device or related requests.
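
The leak pattern described above, reduced to a user-space C model. This is an added example, not kernel code or the upstream patch. `struct buf`, `MIN_LEN` and the handler names are hypothetical stand-ins, and the undersized packet is constructed input.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* User-space stand-in for a received buffer; NOT the kernel's struct sk_buff. */
struct buf { size_t len; unsigned char data[]; };
static int live_bufs;            /* allocated and not yet freed */
#define MIN_LEN 4                /* hypothetical minimum valid packet length */

static struct buf *buf_alloc(const unsigned char *src, size_t len) {
    struct buf *b = malloc(sizeof(*b) + len);
    if (!b) return NULL;
    memcpy(b->data, src, len);
    b->len = len;
    live_bufs++;
    return b;
}
static void buf_free(struct buf *b) { free(b); live_bufs--; }

/* Leaky shape: the handler owns b, but the invalid-packet path just returns. */
static int handle_leaky(struct buf *b) {
    if (b->len < MIN_LEN)
        return -1;               /* b is never released */
    buf_free(b);
    return 0;
}

/* Fixed shape: the result is decided first, then every path frees b. */
static int handle_fixed(struct buf *b) {
    int ret = (b->len < MIN_LEN) ? -1 : 0;
    buf_free(b);                 /* released on the error path too */
    return ret;
}

/* Feed n constructed undersized packets; return how many buffers stay live. */
static int leaked_after(int (*handler)(struct buf *), int n) {
    static const unsigned char bad[2] = { 0xff, 0xff };  /* constructed input */
    live_bufs = 0;
    for (int i = 0; i < n; i++) {
        struct buf *b = buf_alloc(bad, sizeof(bad));
        if (b) handler(b);
    }
    return live_bufs;
}

int main(void) {
    printf("leaky: %d live\n", leaked_after(handle_leaky, 1000));
    printf("fixed: %d live\n", leaked_after(handle_fixed, 1000));
    return 0;
}
```

The live-buffer counter plays the role that a leak detector or allocation accounting would play when checking whether a running system has the fix.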

Impact

The vulnerability leads to a memory leak, where unfreed socket buffers accumulate, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

To reproduce this vulnerability, send invalid AEN packets to the NCSI AEN handler. The handler will return an error without freeing the associated skb, creating a memory leak. Similarly, the NCSI response handler can be made to exit early without releasing the skb by sending responses that it cannot process, such as those not associated with a valid NCSI device or request.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been patched. Instructions for downloading the updated kernel can be found on the official Linux kernel website.

Added: May 8, 2026, 9:27 PM
Updated: May 8, 2026, 9:27 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.7
remediation: 7.7
relevance: 7.8
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.