Linux Kernel Tap Driver Memory Leak Vulnerability in XDP Frame Handling

A memory leak vulnerability has been identified in the Linux kernel tap driver, specifically in the handling of XDP (eXpress Data Path) frames. The issue arises in the 'tap_get_user_xdp()' function, which fails to free a page allocated for a frame by 'vhost_net_build_xdp()' when an error occurs. This oversight leads to a leak of one page-frag chunk for each rejected frame in a batch. The vulnerability has been addressed by modifying the error handling to free the allocated page before exiting the function.

Impact

Exploitation of this vulnerability leads to a memory leak, where each rejected XDP frame in a batch causes one page-frag chunk to be leaked, potentially leading to increased memory usage and exhaustion over time.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the patched version can be found in the Linux kernel documentation.