Linux Kernel AMD Graphics EDID Memory Leak Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's AMD graphics driver, specifically within the display management component of the AMD GPU driver. This issue arises when a sink is connected; the connector's EDID (Extended Display Identification Data) is overwritten without freeing the previously allocated memory. This oversight leads to a memory leak when the system resumes from a suspended state. The vulnerability affects several versions of the Linux kernel.

Impact

Exploitation of this vulnerability causes a memory leak, which can lead to increased memory usage and potential exhaustion of system resources.

Reproduction

The vulnerability can be reproduced by connecting a display sink to a system running the affected version of the Linux kernel with the AMD GPU driver. After the connection is made, the system can be suspended and then resumed, during which the memory leak occurs as the old EDID data is not properly freed before being overwritten.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.