Linux Kernel Refcount Leak Vulnerability in Qualcomm SMSM Driver

A refcount leak vulnerability has been identified in the Linux kernel's Qualcomm SMSM driver, specifically within the 'qcom_smsm_probe()' function. This vulnerability affects the stable versions of the Linux kernel. The issue arises because the 'local_node' and 'node' variables, which are used to iterate over child nodes, are not properly released in certain error handling paths. This oversight can lead to memory management issues.

Impact

Exploitation of this vulnerability causes a memory leak, where reference counts are not properly managed, potentially leading to increased memory usage over time.

Reproduction

The vulnerability can be reproduced by loading the Qualcomm SMSM driver in the Linux kernel. The 'qcom_smsm_probe()' function will be executed, during which the 'local_node' and 'node' variables will be improperly released, causing a refcount leak.

Remediation

Users can upgrade to the patched version of the Linux kernel where this vulnerability has been addressed. The patch is available in the Linux kernel stable tree.