Linux Kernel Plane State Leak Vulnerability in DRM MSM MDP5

A vulnerability exists in the Linux kernel's DRM MSM MDP5 component, where plane states have been leaking since the introduction of a reference count for plane commits. This issue arises because the plane state management does not properly handle the reference counting, leading to potential misuse or corruption of plane state information. The vulnerability affects several versions of the Linux kernel.

Impact

The vulnerability can lead to improper management of plane states, potentially causing issues in graphics rendering or manipulation.

Reproduction

The vulnerability can be reproduced by using a version of the Linux kernel that includes the problematic plane state management. This can be done by applying the introduced reference count for plane commits without the necessary adjustments to the plane state handling. Once in this state, the leakage can be observed, likely through monitoring the plane state management processes or graphics rendering behaviors that rely on the DRM subsystem.

Remediation

Users can upgrade to a patched version of the Linux kernel where this vulnerability has been addressed. The specific commit that resolves this issue is available in the Linux kernel stable tree.