Linux Kernel Intel Graphics Driver Sync Object Reference Leak Vulnerability

A vulnerability in the Linux kernel's Intel graphics driver can lead to a reference leak of synchronization objects. The issue arises in the 'xe_sync_entry_parse' function, which can allocate references to sync objects, fences, and chains before encountering a failure. Some error paths return directly, leaving a partially initialized state and leaking references. The vulnerability has been addressed by routing these error paths through a common cleanup label to properly release the references before returning an error.

Impact

The vulnerability can cause a memory leak by failing to release references to synchronization objects, which could lead to increased memory usage over time.

Reproduction

The vulnerability can be reproduced by triggering a parse failure in the 'xe_sync_entry_parse' function of the Intel graphics driver. This can be done by introducing a condition that causes the function to allocate references before hitting a failure path, such as a synchronization object or fence allocation failure. The error paths should then be routed through the common cleanup label to observe the reference leak.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the patched version can be found in the Linux kernel documentation.