Linux Kernel Tegra210 Clock Refcount Leak Vulnerability

A refcount leak vulnerability has been identified in the Linux kernel's Tegra210 clock management. The issue arises in the 'tegra210_clock_init' function, where a node pointer returned by 'of_find_matching_node' has its reference count incremented. The function fails to release this reference when it is no longer needed, leading to a memory leak. This vulnerability affects the Linux kernel stable tree.

Impact

The vulnerability causes a memory leak by failing to properly decrement the reference count of a node pointer, which can lead to increased memory usage and potential exhaustion of system resources.

Reproduction

The vulnerability can be reproduced by initializing the Tegra210 clock management in the Linux kernel without the proper reference count management. This can be done by using a version of the Linux kernel that includes the vulnerable 'tegra210_clock_init' function without the necessary 'of_node_put' call to release the incremented reference count.

Remediation

Users can upgrade to a patched version of the Linux kernel that includes the missing 'of_node_put' call in the Tegra210 clock initialization function. The official Linux Kernel Git repository can be checked out for the latest stable version.