Linux Kernel AMBA Bus Refcount Leak Vulnerability

A refcount leak vulnerability has been identified in the Linux kernel's AMBA bus driver. The issue arises because the 'of_node' reference count is increased when devices are created from the device tree, but not properly released during the device's release process. This oversight leads to a memory management issue where reference counts are not accurately tracked, potentially causing resource leaks.

Impact

Exploitation of this vulnerability leads to a refcount leak, where the reference count of a node is not properly decremented, causing memory management issues.

Reproduction

The vulnerability can be reproduced by creating devices from the device tree using the AMBA bus driver. The 'of_node' reference count will be increased, but if the device is released without properly decrementing the reference count, a refcount leak will occur.

Remediation

The vulnerability has been addressed by modifying the AMBA device release function to include a call to 'of_node_put', which properly decrements the reference count of the 'of_node', preventing the refcount leak.