Linux Kernel Refcount Leak Vulnerability in PL353 Static Memory Controller Driver

A refcount leak vulnerability has been identified in the Linux kernel's PL353 static memory controller driver. This issue arises in the 'pl353_smc_probe()' function, where the 'child' node reference is not properly released after use. The vulnerability affects the Linux kernel stable tree, specifically in versions prior to the latest commit that addresses this issue. The problem occurs because the 'of_node_put()' function, which is responsible for decrementing the reference count of the 'child' node, is not called in the failure path of the 'for_each_available_child_of_node()' iteration. Although 'of_platform_device_create()' creates a new reference for 'child', it does not account for the necessary refcount management, leading to a memory leak.

Impact

Exploitation of this vulnerability causes a memory leak, where references to memory nodes are not properly released, potentially leading to increased memory usage and degradation of system performance over time.

Reproduction

To reproduce this vulnerability, load the PL353 static memory controller driver in the Linux kernel. The vulnerability will manifest as a memory leak, observable through increased memory usage that is not reclaimed. This can be monitored using standard system tools that track memory consumption.

Remediation

The vulnerability has been fixed in the Linux kernel. Users should upgrade to the latest version where this issue has been addressed.