Linux Kernel DRM/Tegra Put PID Memory Leak Vulnerability

Vulnerability

A vulnerability in the Linux kernel's DRM/Tegra subsystem has been addressed. The issue was a memory leak caused by a process ID (PID) not being released after it was allocated. The function 'host1x_memory_context_alloc()' does not take ownership of the PID it is given, so the PID remained held and leaked. The vulnerability affected the Linux kernel stable tree.

Impact

The vulnerability could lead to a memory leak, causing increased memory usage and potentially degrading system performance over time.

Reproduction

The leak occurs when 'tegra_drm_ioctl_channel_open()' calls 'host1x_memory_context_alloc()' without a corresponding 'put_pid()' call to release the PID. It can be reproduced by modifying the DRM/Tegra driver so that it allocates a PID using 'get_task_pid()' and then fails to free it, which results in a memory leak.
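The ownership rule behind the leak, as an added userspace model that is not code from the kernel or from this advisory: the struct layouts and the `*_model` helpers are simplified stand-ins, and the allocator taking its own reference is an assumption of the model. It counts the references left over after repeated channel open/close cycles, with and without the caller's release.

```c
#include <stdio.h>
#include <stdlib.h>

/* Userspace model only: simplified stand-ins, not kernel definitions. */
struct pid { int count; };              /* reference-counted object */
struct mem_ctx { struct pid *owner; };

static struct pid *get_task_pid_model(struct pid *p) { p->count++; return p; }
static void put_pid_model(struct pid *p) { if (p) p->count--; }

/* Assumption: the allocator keeps the PID by taking its OWN reference and
 * never consumes the caller's, i.e. it does not take ownership. */
static struct mem_ctx *ctx_alloc_model(struct pid *pid)
{
    struct mem_ctx *ctx = malloc(sizeof(*ctx));
    if (!ctx)
        return NULL;                    /* caller still holds its reference */
    ctx->owner = pid;
    pid->count++;
    return ctx;
}

static void ctx_free_model(struct mem_ctx *ctx)
{
    if (!ctx)
        return;
    put_pid_model(ctx->owner);          /* drops only the allocator's ref */
    free(ctx);
}

/* Open and close `opens` channels; return the references left on the PID
 * beyond the task's baseline of 1. Nonzero means leaked references. */
int leaked_refs(int opens, int caller_puts_pid)
{
    struct pid task_pid = { .count = 1 };
    for (int i = 0; i < opens; i++) {
        struct pid *pid = get_task_pid_model(&task_pid);
        struct mem_ctx *ctx = ctx_alloc_model(pid);
        if (caller_puts_pid)
            put_pid_model(pid);         /* fixed path: release caller's ref */
        ctx_free_model(ctx);            /* channel close */
    }
    return task_pid.count - 1;
}

int main(void)
{
    printf("without put_pid: %d leaked\n", leaked_refs(1000, 0));
    printf("with put_pid:    %d leaked\n", leaked_refs(1000, 1));
    return 0;
}
```

In the model, each open without the caller's release leaves one reference behind, so the count grows linearly with the number of opens, which matches the gradual memory growth described under Impact.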

Remediation

Users can apply the latest patches from the Linux kernel stable tree to address this vulnerability.

Added: Dec 16, 2025, 4:04 PM
Updated: Dec 16, 2025, 4:04 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 0.6
exploitability: 4.3
remediation: 7.7
relevance: 1.5
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.