Linux Kernel Reference Leak Vulnerability in ASoC WCD934X Codecs

Vulnerability

A reference leak vulnerability has been identified in the Linux kernel's ASoC (ALSA System on Chip) component, specifically within the WCD934X codecs. The issue arises because the device_node pointer, returned by the of_parse_phandle() function with an incremented reference count, is not properly released using of_node_put() after it is no longer needed. This oversight can lead to a memory leak by failing to decrement the reference count, potentially causing resource management issues. The vulnerability has been addressed by adding the missing of_node_put() call in the WCD934X codec data parsing function.

Impact

Exploitation of this vulnerability leads to a memory leak by failing to properly manage reference counts, which can cause resource exhaustion over time.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Reference Leak Vulnerability in ASoC WCD934X Codecs

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating