Linux Kernel HSI Protocol Resource Leak Vulnerability in ssip_pn_open Function

A resource leak vulnerability has been identified in the Linux kernel's HSI protocol implementation, specifically within the ssip_pn_open function. This vulnerability arises because the function claims a port for the HSI client but fails to release it properly when an error occurs during the registration of the HSI port event. The issue has been addressed by modifying the code to ensure that the port is released in the event of a registration error.

Impact

The vulnerability could lead to a resource leak, where ports are not released properly, potentially causing exhaustion of available resources or other unintended side effects.

Reproduction

To reproduce this vulnerability, invoke the ssip_pn_open function in the HSI client's context. If the function hsi_register_port_event() returns an error, the port claimed by hsi_claim_port() will not be released, leading to a resource leak. This can be observed by monitoring the port allocation and release events.

Remediation

The vulnerability has been fixed in the Linux kernel. Users should upgrade to the latest version where this commit is included.