Linux Kernel Raspberry Pi Touchscreen Driver Reference Count Leak Vulnerability

Vulnerability

A reference count leak vulnerability has been identified in the Raspberry Pi touchscreen driver for the Linux kernel. This issue arises in the 'rpi_ts_probe' function, where the 'rpi_firmware_get' function is called to obtain a reference to the firmware. The vulnerability occurs because the reference is not properly released in error handling paths. The problem has been addressed by using the 'devm_rpi_firmware_get' helper, which manages the firmware reference automatically. The vulnerability affects the Linux kernel stable tree.
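
The leak and the fix described above, as an added userspace model in C (not the kernel driver's code and not part of the original advisory). The names `fw_get`, `fw_put`, `devm_fw_get`, `probe_leaky`, `probe_managed` and `leaked_refs` are hypothetical stand-ins for the firmware get call, its managed helper and the probe function, and the failing later probe step is an assumption.

```c
/* Userspace model (constructed); not kernel source. All names are hypothetical. */
#include <stdio.h>

struct fw { int refs; };                            /* the firmware handle */
struct dev { void (*release)(void *); void *arg; }; /* one devres-style action */

static struct fw *fw_get(struct fw *f) { f->refs++; return f; }
static void fw_put(void *f) { ((struct fw *)f)->refs--; }

/* devm-style get: take the reference and register its release on the device */
static struct fw *devm_fw_get(struct dev *d, struct fw *f)
{
    d->release = fw_put;
    d->arg = fw_get(f);
    return f;
}

/* Leaky shape: a later probe step fails and the reference is never put */
static int probe_leaky(struct dev *d, struct fw *f, int fail)
{
    (void)d;
    fw_get(f);
    return fail ? -12 : 0;      /* -12 models -ENOMEM */
}

/* Managed shape: same early return, but the release is tied to the device */
static int probe_managed(struct dev *d, struct fw *f, int fail)
{
    devm_fw_get(d, f);
    return fail ? -12 : 0;
}

/* References still held after `attempts` failed probes of one firmware object */
static int leaked_refs(int (*probe)(struct dev *, struct fw *, int), int attempts)
{
    struct fw f = { 0 };
    for (int i = 0; i < attempts; i++) {
        struct dev d = { 0 };
        /* after a failed probe the driver core runs the device's managed actions */
        if (probe(&d, &f, 1) != 0 && d.release)
            d.release(d.arg);
    }
    return f.refs;
}

int main(void)
{
    printf("leaky=%d managed=%d\n", leaked_refs(probe_leaky, 3), leaked_refs(probe_managed, 3));
    return 0;
}
```

Each failed probe attempt in the leaky shape leaves one more reference on the firmware object, while the managed shape returns to zero without any explicit cleanup code on the error path.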

Impact

The vulnerability could lead to a reference count leak, potentially causing memory management issues such as dangling pointers or memory not being freed when it should be.

Reproduction

The vulnerability can be reproduced by loading the official Raspberry Pi touchscreen driver in the Linux kernel. The driver will improperly manage firmware references, leading to a reference count leak.

Remediation

Users can update to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for updating the Linux kernel can be found in the official Linux kernel documentation.

Added: Oct 4, 2025, 7:10 PM
Updated: Oct 4, 2025, 7:10 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 4.3
remediation: 7.7
relevance: 0.7
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.