Linux Kernel GICv3 IRQ Chip Error Handling Vulnerability Leading to Reference Count Leak

Vulnerability

A vulnerability in the Linux kernel's GICv3 IRQ chip handling has been addressed. The issue arose in the 'gic_populate_ppi_partitions()' function, where error handling was inadequate. 'of_get_child_by_name()' returns a node pointer with an incremented reference count, but the corresponding 'of_node_put()' was not called when the node was no longer needed. This oversight caused a reference count leak. The vulnerability has been fixed by ensuring that 'of_node_put()' is called appropriately, particularly when memory allocation with 'kcalloc' fails.
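The error path described above, modelled in userspace C as an added example (this is not the kernel source or the upstream patch). The helpers 'get_child_by_name()', 'node_put()' and 'populate()', the node name "parts" and the 'fail_alloc' flag are hypothetical stand-ins for 'of_get_child_by_name()', 'of_node_put()', the affected function and a failing 'kcalloc'.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Userspace model; these helpers are stand-ins, not the kernel's OF API. */
struct node { const char *name; int refcount; struct node *child; };

/* Like of_get_child_by_name(): the returned node carries an extra reference. */
static struct node *get_child_by_name(struct node *parent, const char *name)
{
    struct node *c = parent->child;
    if (!c || strcmp(c->name, name) != 0) return NULL;
    c->refcount++;
    return c;
}

/* Like of_node_put(): drops one reference. */
static void node_put(struct node *n) { if (n) n->refcount--; }

/* fixed == 0: the allocation-failure return skips the put (the leak).
 * fixed == 1: that path jumps to the label that drops the reference. */
static int populate(struct node *gic, int fail_alloc, int fixed)
{
    struct node *parts = get_child_by_name(gic, "parts"); /* constructed name */
    int *descs, ret = 0;
    if (!parts) return 0;
    descs = fail_alloc ? NULL : calloc(4, sizeof(*descs)); /* models kcalloc */
    if (!descs) {
        if (!fixed)
            return -1;      /* reference on parts is never dropped */
        ret = -1;
        goto out_put;
    }
    free(descs);
out_put:
    node_put(parts);
    return ret;
}

/* References left behind after `calls` runs with a failing allocation. */
static int leaked_refs(int fixed, int calls)
{
    struct node child = { "parts", 1, NULL }, gic = { "gic", 1, &child };
    while (calls-- > 0)
        populate(&gic, 1, fixed);
    return child.refcount - 1;
}

int main(void) { printf("leaky=%d fixed=%d\n", leaked_refs(0, 3), leaked_refs(1, 3)); return 0; }
```

Each failed allocation on the unfixed path leaves one extra reference on the node, so the count never returns to its starting value; routing that exit through the put restores the balance.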

Impact

The vulnerability could lead to a reference count leak, potentially causing memory management issues.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 4.0
remediation: 0.0
relevance: 0.0
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.