Linux Kernel Refcount Leak Vulnerability in OMAP4 Common ARM Architecture

A refcount leak vulnerability has been identified in the Linux kernel's ARM OMAP2+ architecture, specifically within the OMAP4 common files. The issue arises in the 'omap4_sram_init()' function, where the 'of_find_compatible_node()' call returns a node pointer with an incremented reference count. The vulnerability occurs because the reference count is not properly decremented when the node is no longer needed, potentially leading to memory management issues.

Impact

The vulnerability causes a refcount leak, which can lead to memory management problems, such as improper handling of memory references that could be exploited in certain scenarios.

Reproduction

The vulnerability can be reproduced by invoking the 'omap4_sram_init()' function in the affected Linux kernel version. This function will call 'of_find_compatible_node()', which increases the reference count of the returned node pointer. However, the function fails to release the reference using 'of_node_put()' before returning, creating a refcount leak.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. The specific commit that resolves this issue is available in the Linux kernel stable tree.