Linux Kernel LVDS Power Management Reference Leak Vulnerability

A vulnerability in the Linux kernel's handling of LVDS (Low-Voltage Differential Signaling) for Rockchip SoCs has been addressed. The issue involved an improper management of the power management (PM) usage counter, which could lead to a reference leak. Specifically, the function 'pm_runtime_get_sync' was incorrectly used, allowing the PM counter to increase even when the operation failed. This oversight could cause a reference leak by not properly decrementing the PM counter. The vulnerability has been fixed by updating the PM handling to use 'pm_runtime_resume_and_get', ensuring the usage counter remains balanced. This issue affects several versions of the Linux kernel.

Impact

The vulnerability could lead to a reference leak in the power management system, potentially causing increased memory usage or other resource management issues.

Reproduction

The vulnerability can be reproduced by using the LVDS functionality on a Rockchip SoC within the affected Linux kernel versions. The improper PM management will result in a reference leak, which can be observed through increased PM usage that is not properly released.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. Instructions for downloading the patched version are available on the official Linux kernel website.