Linux Kernel Refcount Leak Vulnerability in Tegra20 Clock Initialization

A refcount leak vulnerability has been identified in the Linux kernel's Tegra20 clock initialization function. The issue arises because the function 'of_find_matching_node()' returns a pointer to a node with an incremented reference count. If this pointer is not properly released using 'of_node_put()', it creates a memory leak. The vulnerability affects the Linux kernel stable tree.

Impact

The vulnerability leads to a memory leak, where reference counts are not properly managed, potentially causing increased memory usage over time.

Reproduction

The vulnerability can be reproduced by calling the 'tegra20_clock_init' function, which will result in a refcount leak by not releasing the node pointer returned by 'of_find_matching_node()'.

Remediation

The vulnerability has been addressed by adding the missing 'of_node_put()' call to the 'tegra20_clock_init' function, ensuring that the reference count is properly decremented and preventing the memory leak.