2468188 – (CVE-2026-43397) CVE-2026-43397 kernel: drm/bridge: samsung-dsim: Fix memory leak in error path

Bug 2468188 (CVE-2026-43397) - CVE-2026-43397 kernel: drm/bridge: samsung-dsim: Fix memory leak in error path

Summary: CVE-2026-43397 kernel: drm/bridge: samsung-dsim: Fix memory leak in error path

Keywords:
Status:	NEW
Alias:	CVE-2026-43397
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2026-05-08 15:03 UTC by OSIDB Bzimport
Modified:	2026-05-08 22:00 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2026-05-08 15:03:46 UTC

In the Linux kernel, the following vulnerability has been resolved:

drm/bridge: samsung-dsim: Fix memory leak in error path

In samsung_dsim_host_attach(), drm_bridge_add() is called to add the
bridge. However, if samsung_dsim_register_te_irq() or
pdata->host_ops->attach() fails afterwards, the function returns
without removing the bridge, causing a memory leak.

Fix this by adding proper error handling with goto labels to ensure
drm_bridge_remove() is called in all error paths. Also ensure that
samsung_dsim_unregister_te_irq() is called if the attach operation
fails after the TE IRQ has been registered.

samsung_dsim_unregister_te_irq() function is moved without changes
to be before samsung_dsim_host_attach() to avoid forward declaration.

Comment 1 Keith Grant 2026-05-08 21:58:01 UTC

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2026050838-CVE-2026-43397-2864@gregkh/T

Note You need to log in before you can comment on or make changes to this bug.