A memory leak may occur in polkit in specific early versions of Alibaba Cloud Linux 2. Polkit is a component in Linux operating systems that is used to control system-wide privileges. In most cases, polkit runs as a daemon and can affect system security. A memory leak in polkit may cause a security issue and degrade performance. This topic describes how to resolve a memory leak in polkit on an Elastic Compute Service (ECS) instance that runs Alibaba Cloud Linux 2.
Problem description
In the following versions of Alibaba Cloud Linux 2, a memory leak may occur in polkit and cause the amount of used memory to exceed 14 GiB:
Alibaba Cloud Linux 2 image versions earlier than aliyun_2_1903_x64_20G_alibase_20211216.vhd
Alibaba Cloud Linux 2 with kernel versions earlier than 4.19.91-25.1.al7.x86_64
Cause
A memory leak may occur in polkit. A bugfix is integrated into the recent versions of open source polkit starting with polkit-0.112-26.2.al7 to resolve the issue. For more information, see Fix a memory leak on agent authentication cancellation.
Solution
Run the following command to upgrade polkit on the ECS instance to the latest version:
sudo yum update polkit