Overview: A memory leak in go7007, a media streaming module in the Linux kernel, has been resolved (CVE-2024-27074). The vulnerability stemmed from a missing deallocation call, which leaked memory during the load of the go7007 encoder.

Exploit Details

The primary issue in the code was the absence of deallocation (i.e., kfree()) for the bounce variable (i.e., go->boot_fw) in the go7007_load_encoder() function. The memory leak occurs in the following call chain:

saa7134_go7007_init
  |-> go7007_boot_encoder
        |-> go7007_load_encoder
  |-> kfree(go)

In this call chain, the memory allocated to go is freed, but the memory allocated to bounce (i.e., go->boot_fw) is leaked.
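A userspace C model of this ownership pattern, added here as an illustration and not taken from the kernel source: struct model_go, t_alloc(), t_free(), load_encoder() and run_init() are hypothetical names, and the slot table stands in for the kernel allocator. It runs the init-and-teardown sequence once freeing only the struct and once freeing the nested buffer first, and counts what is left allocated.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Userspace stand-in for the driver state: models go and go->boot_fw. */
struct model_go { void *boot_fw; };
#define SLOTS 8
static void *live[SLOTS];   /* blocks not yet freed (toy leak tracker) */

static void *t_alloc(size_t n)          /* stands in for a kernel allocation */
{
    for (int i = 0; i < SLOTS; i++)
        if (!live[i]) return live[i] = calloc(1, n);
    return NULL;
}

static void t_free(void *p)             /* stands in for kfree() */
{
    for (int i = 0; p && i < SLOTS; i++)
        if (live[i] == p) { live[i] = NULL; free(p); return; }
}

/* Models go7007_load_encoder(): the bounce buffer becomes go->boot_fw. */
static int load_encoder(struct model_go *go, const void *fw, size_t len)
{
    void *bounce = t_alloc(len);
    if (!bounce) return -1;
    memcpy(bounce, fw, len);
    go->boot_fw = bounce;
    return 0;
}

/* Runs init plus teardown; returns how many blocks were never freed. */
static int run_init(int free_boot_fw)
{
    static const unsigned char fw[64] = { 0x01, 0x02 }; /* constructed image */
    struct model_go *go = t_alloc(sizeof(*go));
    int leaked = 0;
    if (go && load_encoder(go, fw, sizeof(fw)) == 0 && free_boot_fw)
        t_free(go->boot_fw);            /* the nested free the leak lacked */
    t_free(go);                         /* frees the struct only */
    for (int i = 0; i < SLOTS; i++)     /* count leaks, then reclaim them */
        if (live[i]) { leaked++; free(live[i]); live[i] = NULL; }
    return leaked;
}

int main(void)
{
    printf("struct-only free: %d leaked\n", run_init(0));
    printf("nested free first: %d leaked\n", run_init(1));
    return 0;
}
```

Freeing the parent struct never releases memory reachable only through its pointers, so each owned buffer needs its own free before the parent goes away.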

The fix adds a call to kfree(go->boot_fw) before freeing the memory allocated to go, as shown in the following patch:

--- a/drivers/media/usb/go7007/saa7134-go7007.c
+++ b/drivers/media/usb/go7007/saa7134-go7007.c
@@ -497,6 +497,7 @@
        }
        /* Execute the firmware */
        go->hpi_ops->write_interrupt(go, x0001);
+       kfree(go->boot_fw);
        kfree(go);
        return ;
 }
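
Review bot: the added kfree(go->boot_fw) sits only on this final exit, directly before kfree(go); any earlier return in the function that frees go (none is visible in this hunk) would still leak the firmware buffer, so confirm those paths or route them through one cleanup label that frees both. Freeing go->boot_fw before go is the right order, and kfree() accepts NULL, so no guard is needed if the buffer was never allocated. As rendered here, the context line write_interrupt(go, x0001) passes an identifier rather than a hex literal, which looks like a dropped 0 prefix in this copy of the patch.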

References

- The original patch for the vulnerability fix can be found at: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=df8abaae82f261

- The description and details of the vulnerability (CVE-2024-27074) can be accessed at: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27074

Conclusion

To patch this vulnerability (CVE-2024-27074), the memory leak in the go7007 Linux kernel module, update your kernel to a version that includes the official patch. Updating the kernel will ensure that your system remains secure and is not exposed to potential exploits related to this issue. If you are using a specific distribution, keep an eye on its announcements for kernel updates that incorporate the patch.

Timeline

Published on: 05/01/2024 13:15:51 UTC
Last modified on: 12/23/2024 14:31:11 UTC