Executive Summary

This vulnerability is a reference count leak in the Linux kernel's USB Type-C driver for the wusb3801 device. Specifically, if the function wusb3801_hw_init() fails, the code does not properly call fwnode_handle_put(), leading to an unbalanced reference count and a memory leak related to device tree node handling.

Useful 0 Not Useful 0

Impact Analysis

The impact of this vulnerability is a memory leak in the kernel due to unbalanced reference counting. Over time, this could lead to increased memory usage and potentially degrade system stability or cause resource exhaustion.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability can be detected by monitoring kernel logs for messages indicating a reference count leak related to the wusb3801 driver. Specifically, look for errors such as: 'OF: ERROR: memory leak, expected refcount 1 instead of 4, of_node_get()/of_node_put() unbalanced - destroy cset entry: attach overlay node /i2c/tcpc@60/connector'. You can use the command 'dmesg | grep -i wusb3801' or 'journalctl -k | grep -i wusb3801' to check for such messages.

Useful 0 Not Useful 0

Mitigation Strategies

To mitigate this vulnerability, update the Linux kernel to a version where the wusb3801 driver has been fixed to properly call fwnode_handle_put() when wusb3801_hw_init() fails, preventing the reference count leak. If updating is not immediately possible, monitor for the error messages and avoid using affected hardware or drivers until patched.

Useful 0 Not Useful 0