An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c. Reference: https://github.com/torvalds/linux/commit/ceabee6c59943bdd5e1da1a6a20dc7ee5f8113a2
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1760960]
This was fixed for Fedora with the 5.0.6 stable kernel updates.
Mitigation: Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Statement: This issue is rated as having Low impact because of the preconditions needed to trigger the error/resource cleanup code path (system-wide out-of-memory condition, high privileges or physical access). The generic netlink is a way for kernel modues to easily communicate with userspace using netlink. genl_register_family is thus called by kernel modules (code) only and it's hard for an attacker to invoke (module reloads?) it let alone fail on the right place.