Linux Kernel Device Reference Count Leak Vulnerability in AppleTalk ATRTR Create Function

A device reference count leak vulnerability has been identified in the Linux kernel's AppleTalk implementation, specifically within the ATRTR create function. This issue arises when the function updates an existing route entry; the old device reference is not properly released before a new one is assigned, leading to a reference count leak. The vulnerability affects several versions of the Linux kernel.

Impact

The vulnerability can lead to a device reference count leak, which may cause memory management issues such as improper resource deallocation.

Reproduction

To reproduce this vulnerability, update an existing route entry in the AppleTalk ATRTR create function without releasing the old device reference. This can be done by modifying the function to omit the necessary reference release before assigning a new one, which will result in a reference count leak.

Remediation

The vulnerability has been addressed by modifying the ATRTR create function to include a call that releases the old device reference before holding the new one. Users can apply the latest patches available in the Linux kernel stable tree to mitigate this issue.