CVE-2022-49462 in Linux

Summary

by MITRE • 02/26/2025

In the Linux kernel, the following vulnerability has been resolved:

drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init

of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not needed anymore.

a6xx_gmu_init() passes the node to of_find_device_by_node() and of_dma_configure(), of_find_device_by_node() will take its reference, of_dma_configure() doesn't need the node after usage.

Add missing of_node_put() to avoid refcount leak.


Analysis

by VulDB Data Team • 02/26/2025

The vulnerability identified as CVE-2022-49462 represents a reference count leak within the Linux kernel's display subsystem, specifically affecting the Qualcomm Adreno 6xx GPU driver component. This issue resides in the drm/msm/a6xx module where improper handling of device tree node references leads to resource management problems that can accumulate over time and potentially impact system stability.

The technical flaw occurs in the a6xx_gpu_init function where the of_parse_phandle() function returns a device tree node pointer with an incremented reference count. The driver correctly identifies that this node pointer requires proper cleanup through of_node_put() when no longer needed, but fails to implement this cleanup in the a6xx_gmu_init() function. This function processes the node pointer through of_find_device_by_node() which also increments the reference count, followed by of_dma_configure() which consumes the node but does not require it afterward for subsequent operations.

The operational impact of this reference count leak manifests as gradual memory resource consumption within the kernel's device tree subsystem. While individual leaks may appear insignificant, repeated occurrences can lead to resource exhaustion, particularly in systems with frequent GPU initialization cycles or embedded environments with limited memory resources. This vulnerability aligns with CWE-404, which addresses improper resource management, and specifically targets the improper handling of reference-counted objects in kernel space. The leak can potentially contribute to system performance degradation or instability over extended periods of operation.
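The accumulation described above can be reproduced with a small userspace model. This is an added example, not code from the kernel or from the fix: every `model_*` name and `refs_after_cycles()` are stand-ins invented here, the teardown step is an assumption, and the put is placed in the caller following the summary title ("Fix refcount leak in a6xx_gpu_init").

```c
/* Userspace model of the refcount contract in the summary. Not kernel code. */
#include <stdio.h>

struct model_node { int refcount; };

/* Models of_parse_phandle(): returns the node with refcount incremented. */
static struct model_node *model_parse_phandle(struct model_node *n)
{
    n->refcount++;
    return n;
}

/* Models of_node_put(): drops one reference. */
static void model_node_put(struct model_node *n) { n->refcount--; }

/* Models a6xx_gmu_init(): the device lookup takes its own reference. */
static void model_gmu_init(struct model_node *n) { n->refcount++; }

/* Assumption of this model: teardown drops only the device's own reference. */
static void model_gmu_remove(struct model_node *n) { n->refcount--; }

/* Models a6xx_gpu_init(): fixed == 0 is the leaky form, 1 the corrected one. */
static void model_gpu_init(struct model_node *dt_node, int fixed)
{
    struct model_node *node = model_parse_phandle(dt_node);

    model_gmu_init(node);
    if (fixed)
        model_node_put(node); /* caller releases the reference it obtained */
}

/* Runs init/teardown cycles and returns the node's final refcount. */
int refs_after_cycles(int cycles, int fixed)
{
    struct model_node gmu = { .refcount = 1 }; /* baseline reference */

    for (int i = 0; i < cycles; i++) {
        model_gpu_init(&gmu, fixed);
        model_gmu_remove(&gmu);
    }
    return gmu.refcount;
}

int main(void)
{
    printf("leaky: %d\n", refs_after_cycles(1000, 0));
    printf("fixed: %d\n", refs_after_cycles(1000, 1));
    return 0;
}
```

In the leaky form the count grows by one per cycle, so the node can never reach zero and be freed; in the fixed form it returns to its baseline.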

Mitigation strategies for this vulnerability involve implementing the missing of_node_put() call in the a6xx_gmu_init() function after processing the device tree node through of_find_device_by_node() and of_dma_configure(). This ensures proper reference count management and prevents accumulation of unreleased node references. System administrators should apply kernel updates containing this fix, particularly in embedded systems, mobile devices, and server environments utilizing Qualcomm Adreno 6xx GPU hardware. The fix aligns with ATT&CK technique T1059.003 for kernel-level persistence mechanisms and represents a fundamental resource management correction that prevents potential escalation to more serious system stability issues through resource exhaustion attacks.

This vulnerability demonstrates the critical importance of proper reference counting in kernel space operations and highlights how seemingly minor resource management oversights can create persistent stability issues. The fix ensures that all device tree node references are properly released, maintaining the integrity of the kernel's device tree subsystem and preventing potential cascading failures that could affect GPU functionality and overall system reliability.

Responsible: Linux

Reservation: 02/26/2025

Disclosure: 02/26/2025

Moderation: accepted

CPE: ready

EPSS: 0.00247

KEV: no

Activities: very low
