Linux Kernel Duplicate Registration Vulnerability in DPLL Framework

A vulnerability in the Linux kernel's DPLL (Distributed Precision Time Protocol) framework allows for duplicate registrations of pin multipliers on the same device. This issue arises because the internal registration helpers, dpll_xa_ref_dpll_add and dpll_xa_ref_pin_add, previously accepted multiple registrations with the same parameters, leading to an incorrect increment of reference counts. The first registration allocated a pin registration, while subsequent ones only increased the reference count. This discrepancy caused warnings during unregistration. The vulnerability has been addressed by modifying the registration logic to reject duplicates, ensuring that each pin is registered only once.

Impact

The vulnerability could lead to improper management of pin registrations, causing memory management issues such as double frees or memory leaks.

Reproduction

To reproduce this vulnerability, register the same pin multiple times on the same device using the DPLL framework, ensuring that the operations, private data, and cookie values are identical for each registration. The kernel will incorrectly allow the duplicate registrations by silently increasing the reference count.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed.