Gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak. This was disputed with the assertion that the issue does not grant any access not already available.
The information has been provided by kircher
The original article can be found at:https://bugzilla.kernel.org/show_bug.cgi?id=206651
It is a problem that on unloading a specific kernel module some memory is leaked, but loading kernel modules is a privileged operation. A user could also write a kernel module to consume any amount of memory they like and load that replicating the effect of this bug.
Linux kernel through 5.6.10