Linux Kernel Refcount Leak Vulnerability in DRM OMAP DSS Component

A refcount leak vulnerability has been identified in the Linux kernel's DRM OMAP DSS component. This issue arises in the 'dss_init_ports()' and '__dss_uninit_ports()' functions, where the reference returned by 'of_graph_get_port_by_id()' is not properly released in certain failure paths or when no longer needed. The vulnerability affects the Linux kernel stable tree.

Impact

The vulnerability leads to a refcount leak, which can cause memory management issues, potentially allowing for use-after-free conditions or memory corruption.

Reproduction

The vulnerability can be reproduced by triggering the 'dss_init_ports()' or '__dss_uninit_ports()' functions in the DRM OMAP DSS component. This can be done by loading a device that uses the OMAP DRM driver and initializing the display subsystem, which will call these functions. The refcount leak can be observed by monitoring the reference counts of the affected ports, which will not decrease as expected, indicating a leak.

Remediation

The vulnerability has been fixed in the Linux kernel. Users should upgrade to the latest version where this commit is included.