Linux Kernel Refcount Leak Vulnerability in AM65 CPSW NUSS Ethernet Driver

Vulnerability

A refcount leak vulnerability has been identified in the Linux kernel's AM65 CPSW NUSS Ethernet driver. The issue arises because the function 'of_get_child_by_name()' returns a node pointer with an incremented reference count, which is not properly released in error cases within the 'am65_cpsw_init_cpts()' and 'am65_cpsw_nuss_probe()' functions. This oversight can lead to a memory management issue by leaking reference counts.

Impact

The vulnerability causes a memory refcount leak, which can lead to improper memory management and potential resource exhaustion.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Refcount Leak Vulnerability in AM65 CPSW NUSS Ethernet Driver

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating