Linux Kernel Refcount Vulnerability in DRM Meson Component

Vulnerability

A refcount vulnerability has been identified in the Linux kernel's DRM Meson component. This issue arises from two refcount leak bugs in the function 'meson_vpu_has_available_connectors'. The first bug occurs when exiting the 'for_each_endpoint_of_node()' loop, where the 'ep' endpoint reference is not properly released. The second bug involves failing to release the reference obtained from 'of_graph_get_remote_port()' when it is no longer needed.

Impact

Exploitation of this vulnerability leads to refcount leaks, which can potentially be exploited to cause use-after-free conditions or memory corruption.

Added: Jun 18, 2025, 7:24 PM

Updated: Jun 18, 2025, 7:24 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.3

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.3

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Refcount Vulnerability in DRM Meson Component

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating