In the Linux kernel, the following vulnerability has been resolved:
iommu/arm-smmu: Fix armsmmudevice refcount leak when armsmmurpm_get fails
armsmmurpmget() invokes pmruntimegetsync(), which increases the refcount of the "smmu" even though the return value is less than 0.
The reference counting issue happens in some error handling paths of armsmmurpmget() in its caller functions. When armsmmurpmget() fails, the caller functions forget to decrease the refcount of "smmu" increased by armsmmurpm_get(), causing a refcount leak.
Fix this issue by calling pmruntimeresumeandget() instead of pmruntimegetsync() in armsmmurpmget(), which can keep the refcount balanced in case of failure.