Linux Kernel Hi846 Camera Driver Memory Leak Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's Hi846 camera driver, specifically within the 'hi846_parse_dt' function. This issue arises when the driver fails to release V4L2 fwnode resources after certain checks related to supported link frequencies do not pass. The oversight leads to a memory leak, as the allocated resources are not properly freed before the function returns. The vulnerability affects the Linux kernel stable tree.

Impact

Exploitation of this vulnerability leads to a memory leak, where allocated resources are not properly released, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by loading the Hi846 camera driver and providing a device tree configuration that includes unsupported link frequencies or an incorrect number of CSI2 data lanes. The 'hi846_parse_dt' function will then fail to release the V4L2 fwnode resources, causing a memory leak.

Remediation

Users can upgrade to the latest version of the Linux kernel, where this vulnerability has been addressed. Instructions for upgrading the Linux kernel can be found in the official Linux documentation.