Linux Kernel Platform Device Memory Leak Vulnerability in IMX SCU Clock Driver

A memory leak vulnerability has been identified in the Linux kernel's IMX SCU clock driver. The issue arises in the 'imx_clk_scu_alloc_dev' function, where the 'platform_device_add' call can fail without proper error handling. This oversight can lead to a memory leak, as the platform device is not released if the addition fails. The vulnerability affects the Linux kernel stable tree.

Impact

The vulnerability can cause a memory leak, where allocated memory is not properly released, potentially leading to increased memory usage and exhaustion over time.

Reproduction

The vulnerability can be reproduced by invoking the 'imx_clk_scu_alloc_dev' function with a platform device that fails to be added. This can be simulated by creating a scenario where 'platform_device_add' returns an error, such as by using a device that is not properly configured or by forcing an error condition.

Remediation

The vulnerability has been addressed in the Linux kernel stable tree. Users can upgrade to the latest version to apply the fix.