Linux Kernel Atmel HLCDC DRM Memory Leak Vulnerability

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's Atmel HLCDC Direct Rendering Manager (DRM) module. This issue arises from the atomic_destroy_state callback, which fails to properly free certain drm_crtc_commit objects, leading to an accumulation of slab memory. The callback only releases the framebuffer, neglecting other necessary objects. The memory leak becomes apparent after prolonged use of a graphics application or through the kmemleak tool, which indicates unreferenced objects. The vulnerability has been addressed by modifying the callback to use the __drm_atomic_helper_plane_destroy_state() function, ensuring all unneeded objects are properly released.
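The leak pattern described above, as an added example that is not the driver's or the kernel's own code: a userspace C model in which a destroy callback that drops only the framebuffer reference leaves one commit object allocated per atomic update, while a callback that drops every reference leaves none. All names here (slab, ref_new, ref_put, plane_state, destroy_fb_only, destroy_all, leaked_after) are hypothetical, and the fixed 256-object slab is an assumption made so the model can also show exhaustion.

```c
#include <stdio.h>
#include <string.h>
/* Userspace model, not kernel code: a fixed "slab" of refcounted objects. */
#define SLAB_OBJS 256
struct ref { int count; };
static struct ref slab[SLAB_OBJS];
static int live; /* objects currently allocated */

static struct ref *ref_new(void)
{
	for (int i = 0; i < SLAB_OBJS; i++)
		if (slab[i].count == 0) {
			slab[i].count = 1;
			live++;
			return &slab[i];
		}
	return NULL; /* slab exhausted */
}

static void ref_put(struct ref *r) { if (r && --r->count == 0) live--; }

/* Hypothetical stand-in for the references a plane state holds. */
struct plane_state { struct ref *fb, *commit; };

/* Before the fix: only the framebuffer reference is dropped. */
static void destroy_fb_only(struct plane_state *s) { ref_put(s->fb); }

/* After the fix: every reference is dropped, the effect of delegating to
 * __drm_atomic_helper_plane_destroy_state() in the driver. */
static void destroy_all(struct plane_state *s) { ref_put(s->fb); ref_put(s->commit); }

/* Run n atomic updates; return how many objects are still allocated. */
static int leaked_after(int n, void (*destroy)(struct plane_state *))
{
	memset(slab, 0, sizeof(slab));
	live = 0;
	for (int i = 0; i < n; i++) {
		struct plane_state s;
		s.fb = ref_new();
		s.commit = ref_new();
		destroy(&s);
	}
	return live;
}

int main(void)
{
	printf("fb-only: %d leaked, helper: %d leaked\n",
	       leaked_after(100, destroy_fb_only), leaked_after(100, destroy_all));
	return 0;
}
```

The leaked count grows by one per update until the model's slab is full, which mirrors the slow slab growth the advisory describes.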

Impact

The vulnerability causes a memory leak, where allocated memory is not freed, leading to increased memory usage over time. This can potentially cause performance degradation or exhaustion of available memory resources.

Reproduction

The vulnerability can be reproduced by using a graphics application that interacts with the DRM subsystem, particularly one that utilizes the Atmel HLCDC driver. After several hours of usage, the memory leak can be observed through the kmemleak tool, which will report unreferenced objects that should have been freed.

Remediation

The vulnerability has been fixed in the Linux kernel. Users should upgrade to the latest version that includes the patch.

Added: May 6, 2026, 12:39 PM
Updated: May 6, 2026, 12:39 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 0.6
exploitability: 4.3
remediation: 7.7
relevance: 7.6
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.