Linux Kernel Refcount Leak Vulnerability in TI-SCI Interrupt Handling

A refcount leak vulnerability has been identified in the Linux kernel's TI-SCI interrupt handling. The issue arises in the 'ti_sci_intr_irq_domain_probe' function, where 'of_irq_find_parent' returns a node pointer with an incremented reference count. The missing 'of_node_put' call to decrement the reference count when the node is no longer needed leads to a memory leak. This vulnerability affects the Linux kernel stable tree.

Impact

Exploitation of this vulnerability can lead to a memory leak, causing increased memory usage and potential degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by invoking the 'ti_sci_intr_irq_domain_probe' function within the TI-SCI interrupt handling context. This function will process an IRQ domain probe, during which the 'of_irq_find_parent' function is called. The returned node pointer will have its reference count incremented, but if the 'of_node_put' function is not called to decrement the count before the function exits, a refcount leak occurs.

Remediation

The vulnerability has been addressed by adding the missing 'of_node_put' call in the 'ti_sci_intr_irq_domain_probe' function. Users can apply the latest patches available in the Linux kernel stable tree to mitigate this vulnerability.