memcg_path_store() assigns a newly allocated memory buffer to filter->memcg_path, without deallocating the previously allocated and assigned memory buffer. As a result, users can leak kernel memory by continuously writing data to the memcg_path DAMOS sysfs file. Fix the leak by deallocating the previously set memory buffer.
Fixes: 7ee161f18b5d ("mm/damon/sysfs-schemes: implement filter directory")
Cc: stable@vger.kernel.org # 6.3.x
Signed-off-by: SeongJae Park sj@kernel.org
---
 mm/damon/sysfs-schemes.c | 1 +
 1 file changed, 1 insertion(+)
diff --git a/mm/damon/sysfs-schemes.c b/mm/damon/sysfs-schemes.c index 0f6c9e1fec0b..30ae7518ffbf 100644 --- a/mm/damon/sysfs-schemes.c +++ b/mm/damon/sysfs-schemes.c @@ -472,6 +472,7 @@ static ssize_t memcg_path_store(struct kobject *kobj, return -ENOMEM;
strscpy(path, buf, count + 1); + kfree(filter->memcg_path); filter->memcg_path = path; return count; }
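Review bot: the added kfree(filter->memcg_path) and the assignment filter->memcg_path = path that follows it are not under any lock visible in this hunk, so two writers racing on the same file could both free the same old buffer, and a reader of the file could still be dereferencing the pointer when it is freed. Please confirm that memcg_path_store() is serialized against other stores and against the corresponding show handler, or take the relevant lock around the free and the assignment. The first write to the file is fine as written, since kfree() of a NULL pointer is a no-op, and a short remark on that in the commit message would save readers from checking.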