Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*, +4 more
A vulnerability in the Linux kernel's handling of universal planes in the Direct Rendering Manager (DRM) can lead to a resource leak. In the __drm_universal_plane_init() function, the range check for the format_count parameter is positioned after the resource allocation. As a result, a call that fails the check can leak the format_types array and leave the mode object registered, which leaks the modeset identifier. Moving the range check to the beginning of the function, before any resources are allocated, mitigates the vulnerability.
The vulnerability causes a resource leak by failing to properly unregister mode objects, which can lead to unintended consequences in resource management and object lifecycle handling within the graphics subsystem.
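The ordering problem described above, as a simplified user-space model added here for illustration. It is not the kernel's code: the struct, the function names, the live_ids/live_arrays counters and the limit of 64 are all constructed for the example.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>

/* User-space model: every name and the limit below are constructed. */
#define MODEL_MAX_FORMATS 64u
static int live_ids;    /* mode object ids registered and not yet released */
static int live_arrays; /* format_types arrays allocated and not yet freed */
struct model_plane { int id; uint32_t *format_types; unsigned int format_count; };

/* Release whatever the plane still holds and update the counters. */
static void model_fini(struct model_plane *p)
{
    if (p->format_types) { free(p->format_types); p->format_types = NULL; live_arrays--; }
    if (p->id) { p->id = 0; live_ids--; }
}

/* Acquire both resources the description names: an id and the array. */
static int model_acquire(struct model_plane *p, unsigned int format_count)
{
    p->id = 1; live_ids++;
    p->format_types = calloc(format_count ? format_count : 1, sizeof(uint32_t));
    if (!p->format_types) { model_fini(p); return -ENOMEM; }
    live_arrays++;
    return 0;
}

/* Range check after acquisition: the error return releases nothing. */
int plane_init_late_check(struct model_plane *p, unsigned int format_count)
{
    int ret = model_acquire(p, format_count);
    if (ret) return ret;
    if (format_count > MODEL_MAX_FORMATS)
        return -EINVAL; /* id and format_types stay allocated: the leak */
    p->format_count = format_count;
    return 0;
}

/* Range check first: a rejected call has acquired nothing to clean up. */
int plane_init_early_check(struct model_plane *p, unsigned int format_count)
{
    if (format_count > MODEL_MAX_FORMATS)
        return -EINVAL;
    int ret = model_acquire(p, format_count);
    if (!ret) p->format_count = format_count;
    return ret;
}
```

Both variants reject an oversized format_count with -EINVAL; only the late-check variant leaves the counters non-zero afterwards, which is the state a caller that treats the failure as "nothing was initialized" never cleans up.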