Linux Kernel Runtime Power Management Reference Count Leak Vulnerability

Vulnerability

A vulnerability in the Linux kernel's DRM bridge component has been addressed. The issue arose because the 'pm_runtime_get_sync()' function could inadvertently increase the runtime power management counter even when it encountered an error, leading to a reference count leak. To resolve this, the function was replaced with 'pm_runtime_resume_and_get()', which does not alter the power management counter in case of an error. Additionally, a corresponding decrement was added in the error handling path to maintain a balanced counter.

Impact

This vulnerability could lead to a reference count leak in the runtime power management system, potentially causing improper management of power states and resources.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Runtime Power Management Reference Count Leak Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating