CVE-2026-43397

MEDIUM

drm/bridge: samsung-dsim: Fix memory leak in error path

Title source: cna

Description

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: samsung-dsim: Fix memory leak in error path In samsung_dsim_host_attach(), drm_bridge_add() is called to add the bridge. However, if samsung_dsim_register_te_irq() or pdata->host_ops->attach() fails afterwards, the function returns without removing the bridge, causing a memory leak. Fix this by adding proper error handling with goto labels to ensure drm_bridge_remove() is called in all error paths. Also ensure that samsung_dsim_unregister_te_irq() is called if the attach operation fails after the TE IRQ has been registered. samsung_dsim_unregister_te_irq() function is moved without changes to be before samsung_dsim_host_attach() to avoid forward declaration.

References (5)

Core 5

Core References

https://git.kernel.org/stable/c/98310fe3a2a79671b739a5344c1a11d74c503e25

https://git.kernel.org/stable/c/0b07f7d2c5a4078c2f1c11bb36685084fe4e5c95

https://git.kernel.org/stable/c/e6d779654cda63d632bd8dfcdcabd125057e30a5

https://git.kernel.org/stable/c/a40b92fb4b26d4cb1b5e439e55a56db7e79a82d1

https://git.kernel.org/stable/c/803ec1faf7c1823e6e3b1f2aaa81be18528c9436

Scores

CVSS v3 5.5

EPSS 0.0001

EPSS Percentile 2.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-401

Status published

Products (14)

Linux/Linux < 6.4

Linux/Linux 6.12.78 - 6.12.*

Linux/Linux 6.18.19 - 6.18.*

Linux/Linux 6.19.9 - 6.19.*

Linux/Linux 6.4

Linux/Linux 6.6.130 - 6.6.*

Linux/Linux 7.0

Linux/Linux e7447128ca4a250374d6721ee98e3e3cf99551a6 - 0b07f7d2c5a4078c2f1c11bb36685084fe4e5c95

Linux/Linux e7447128ca4a250374d6721ee98e3e3cf99551a6 - 803ec1faf7c1823e6e3b1f2aaa81be18528c9436

Linux/Linux e7447128ca4a250374d6721ee98e3e3cf99551a6 - 98310fe3a2a79671b739a5344c1a11d74c503e25

... and 4 more

Published May 08, 2026

Tracked Since May 08, 2026