Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: samsung-dsim: Fix memory leak in error path In samsung_dsim_host_attach(), drm_bridge_add() is called to add the bridge. However, if samsung_dsim_register_te_irq() or pdata->host_ops->attach() fails afterwards, the function returns without removing the bridge, causing a memory leak. Fix this by adding proper error handling with goto labels to ensure drm_bridge_remove() is called in all error paths. Also ensure that samsung_dsim_unregister_te_irq() is called if the attach operation fails after the TE IRQ has been registered. samsung_dsim_unregister_te_irq() function is moved without changes to be before samsung_dsim_host_attach() to avoid forward declaration.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 6.4, < 6.6.130 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/0b07f7d2c5a4078c2f1c11bb36685084fe4e5c95Patch
- https://git.kernel.org/stable/c/803ec1faf7c1823e6e3b1f2aaa81be18528c9436Patch
- https://git.kernel.org/stable/c/98310fe3a2a79671b739a5344c1a11d74c503e25Patch
- https://git.kernel.org/stable/c/a40b92fb4b26d4cb1b5e439e55a56db7e79a82d1Patch
- https://git.kernel.org/stable/c/e6d779654cda63d632bd8dfcdcabd125057e30a5Patch
FAQ
What is CVE-2026-43397?
CVE-2026-43397 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: drm/bridge: samsung-dsim: Fix memory leak in error path In samsung_dsim_host_attach(), drm_bridge_add() is called to add the bridg...
How severe is CVE-2026-43397?
CVE-2026-43397 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-43397?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.