Linux Kernel PCI Device Refcount Leak Vulnerability in Radeon DRM

A refcount leak vulnerability has been identified in the Linux kernel's handling of PCI devices within the Radeon Direct Rendering Manager (DRM) module. This issue arises in the 'radeon_atrm_get_bios()' function, where the PCI device reference count is not properly decremented under certain conditions, potentially leading to memory management issues. The vulnerability affects several versions of the Linux kernel.

Impact

The vulnerability can lead to a memory leak by not properly releasing references to PCI devices, which could be exploited to cause memory exhaustion or other unintended behaviors in the system.

Reproduction

The vulnerability can be reproduced by loading a Radeon graphics driver that interacts with the PCI subsystem. The 'radeon_atrm_get_bios()' function will be called with a PCI device reference that is not NULL, causing the reference count to increase without a corresponding decrease, unless 'pci_dev_put()' is manually called to correct it.

Remediation

Users can apply the latest patches from the Linux kernel stable tree to address this vulnerability. The patch is included in the official Linux kernel repository.