CVE-2026-43397
Received Received - Intake
Memory Leak in Samsung DSIM Bridge Driver

Publication date: 2026-05-08

Last updated on: 2026-05-08

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: samsung-dsim: Fix memory leak in error path In samsung_dsim_host_attach(), drm_bridge_add() is called to add the bridge. However, if samsung_dsim_register_te_irq() or pdata->host_ops->attach() fails afterwards, the function returns without removing the bridge, causing a memory leak. Fix this by adding proper error handling with goto labels to ensure drm_bridge_remove() is called in all error paths. Also ensure that samsung_dsim_unregister_te_irq() is called if the attach operation fails after the TE IRQ has been registered. samsung_dsim_unregister_te_irq() function is moved without changes to be before samsung_dsim_host_attach() to avoid forward declaration.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-08
Last Modified
2026-05-08
Generated
2026-05-09
AI Q&A
2026-05-08
EPSS Evaluated
N/A
NVD
CVE-2026-43397
EUVD
EUVD-2026-28703
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux_kernel linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a memory leak in the Linux kernel's drm/bridge component, specifically in the samsung-dsim driver.

The issue occurs in the function samsung_dsim_host_attach(), where drm_bridge_add() is called to add a bridge. If subsequent calls to samsung_dsim_register_te_irq() or pdata->host_ops->attach() fail, the function returns without removing the previously added bridge, causing a memory leak.

The fix involves adding proper error handling using goto labels to ensure drm_bridge_remove() is called on all error paths, and ensuring samsung_dsim_unregister_te_irq() is called if the attach operation fails after the TE IRQ has been registered.


How can this vulnerability impact me? :

This vulnerability can lead to a memory leak in the Linux kernel when the samsung-dsim driver encounters errors during bridge attachment.

Memory leaks can degrade system performance over time by consuming increasing amounts of memory, potentially leading to system instability or crashes if the leak is severe and persistent.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, update the Linux kernel to a version where the drm/bridge samsung-dsim memory leak issue has been fixed.

The fix involves proper error handling in samsung_dsim_host_attach() to ensure drm_bridge_remove() is called on all error paths and that samsung_dsim_unregister_te_irq() is called if the attach operation fails after the TE IRQ has been registered.

Applying the official patch or upgrading to the fixed kernel version will prevent the memory leak caused by improper cleanup in error scenarios.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart