Linux Kernel Reference Count Vulnerability in MTD Raw NAND Atmel Controller

Vulnerability

A reference counting vulnerability has been identified in the Linux kernel's MTD (Memory Technology Device) raw NAND Atmel controller. This issue arises in several error handling paths involving a refcounted object, 'nc->dmac'. In these paths, the function returns an error code without properly balancing the reference count of 'nc->dmac', which is increased by 'dma_request_channel()'. This oversight can lead to reference count leaks. The vulnerability has been addressed by ensuring the reference count is correctly decremented in the error handling paths.

Impact

The vulnerability could cause reference count leaks, potentially leading to memory management issues.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.0

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.0

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Reference Count Vulnerability in MTD Raw NAND Atmel Controller

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating