Linux Kernel Crypto Memory Leak Vulnerability in CCREE Hash Function

A memory leak vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the CCREE driver handling hash functions. This issue arises in the 'cc_mac_digest' function, where a failure in finalizing a hash request can lead to unreturned memory. The vulnerability is present in the Linux kernel stable tree.

Impact

Exploitation of this vulnerability can lead to a memory leak, where allocated memory is not properly released, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by invoking the 'cc_mac_digest' function with a hash request that fails to finalize properly. This can be done by simulating a failure in the 'cc_map_hash_request_final' function, which is responsible for preparing the hash request. When this function fails, the 'cc_unmap_result' function should be called to prevent the memory leak, but if it is not, the leak will occur.

Remediation

Users can upgrade to the latest version of the Linux kernel stable tree, where this vulnerability has been addressed. Instructions for downloading the patched version are available on the Linux kernel official website.