Linux Kernel AMD GPU PCI Device Reference Count Leak Vulnerability

A reference count leak vulnerability has been identified in the Linux kernel's AMD GPU driver. The issue arises because the function 'pci_get_domain_bus_and_slot()' increments the reference count of a PCI device, and the caller is responsible for decrementing it before the function returns. In this case, the 'amdgpu_device_resume' and 'suspend_display_audio' functions were not properly managing the reference count, leading to a leak. The vulnerability affects the Linux kernel in the stable group.

Impact

The vulnerability can lead to a reference count leak, which may cause memory management issues.

Reproduction

The vulnerability can be reproduced by using the AMD GPU driver in the Linux kernel stable group. The issue occurs when the 'amdgpu_device_resume_display_audio' or 'amdgpu_device_suspend_display_audio' functions are called without properly decrementing the PCI device reference count, after it has been incremented.

Remediation

The vulnerability has been addressed in the Linux kernel. Users can upgrade to the latest version to mitigate this issue.