Linux Kernel Refcount Leak Vulnerability in BRCMSTB Power Management

A refcount leak vulnerability has been identified in the Linux kernel's BRCMSTB power management component. The issue arises in the 'brcmstb_pm_probeof_find_matching_node()' function, which returns a node pointer with an incremented reference count. The vulnerability occurs because the reference is not properly released when no longer needed, leading to a memory leak. This refcount leak is introduced in 'brcmstb_init_sram', where a device node is passed to 'of_address_to_resource()'. The 'of_address_to_resource()' function then calls 'of_find_device_by_node()' to take a reference, but the reference returned by 'of_find_matching_node()' is not released, causing the leak.

Impact

Exploitation of this vulnerability leads to a memory refcount leak, which can potentially be exploited to cause a denial-of-service condition by exhausting memory resources.