Linux Kernel Memory Leak Vulnerability in DRM/I915 Subsystem

A memory leak vulnerability has been identified in the Linux kernel's DRM/I915 subsystem. The issue arises from an imbalance in the handling of virtual memory area (VMA) nodes. The functions 'drm_vma_node_allow()' and 'drm_vma_node_revoke()' are not called in matching pairs, leading to a memory leak. Specifically, 'drm_vma_node_allow()' is called once per file for each 'mmap_offset' request, while 'drm_vma_node_revoke()' is only called once per file for each 'mmap_offset', creating a discrepancy. As 'mmap_offset' is reused by the client, the per-file VM count may remain non-zero, causing a leak in the red-black tree management. This vulnerability has been addressed by modifying the code to use 'drm_vma_node_allow_once()', which prevents the memory leak by ensuring that the allowance is properly managed.

Impact

Exploitation of this vulnerability leads to a memory leak, where allocated memory is not properly released, potentially causing increased memory usage and degradation of system performance over time.