Linux Kernel Missing Reference Count Management Vulnerability in ASoC Mediatek Component

Vulnerability

A vulnerability has been identified in the Linux kernel's ASoC Mediatek component, specifically within the mt2701_wm8960_machine_probe function. The issue arises from a missing reference count management, which can lead to a memory leak. The vulnerability is related to the improper handling of a node pointer returned by the of_parse_phandle() function, which increases the reference count. The absence of a corresponding of_node_put() call creates a refcount leak.

Impact

Exploitation of this vulnerability can lead to a memory leak, where reference counts are not properly managed, potentially causing increased memory usage or other related issues.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Missing Reference Count Management Vulnerability in ASoC Mediatek Component

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating