Linux Kernel Refcount Leak Vulnerability in Xilinx Video IP Core

A refcount leak vulnerability has been identified in the Linux kernel's handling of the Xilinx Video IP core. The issue arises in the 'xvip_graph_dma_init' function, where the 'of_get_child_by_name' function returns a pointer to a device node with an incremented reference count. If this pointer is not properly released using 'of_node_put', it creates a memory leak. The vulnerability affects several versions of the Linux kernel.

Impact

Exploitation of this vulnerability leads to a memory leak, where reference counts are not properly managed, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by loading a Xilinx Video IP core driver that interacts with the device tree. The 'xvip_graph_dma_init' function will be called, leading to the reference count leak when the 'of_get_child_by_name' function is used without a corresponding 'of_node_put' to release the reference.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. Instructions for upgrading can be found in the official Linux kernel documentation.