Linux Kernel Refcount Leak Vulnerability in Media Component

Vulnerability

A refcount leak vulnerability has been identified in the Linux kernel's media component, specifically within the Meson video decoder driver. The issue arises in the 'vdec_probe' function, where the 'v4l2_device_unregister' function needs to be called to properly decrement the reference count increased by 'v4l2_device_register'. Failure to do so can lead to a memory management issue, allowing for potential misuse of resources.

Impact

Exploitation of this vulnerability could lead to a refcount leak, causing memory management issues that may be exploited for arbitrary code execution or denial-of-service conditions.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Refcount Leak Vulnerability in Media Component

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating