Linux Kernel Nouveau Connector Use-After-Free Vulnerability in Error Handling

Vulnerability

A use-after-free vulnerability has been fixed in the Linux kernel's Nouveau graphics driver, in the error handling of the 'nouveau_connector_create' function. The vulnerability arises because the connector cannot be freed immediately after it has been initialized; the DRM (Direct Rendering Manager) side must be cleaned up first. The issue could lead to memory corruption, particularly in relation to a previous commit that introduced regressions by altering how DisplayPort hotplug signals are managed. The fix modifies the error handling so that proper cleanup happens before the connector is freed.
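
The error-path ordering described above, modelled in userspace C as an added example; it is not the kernel patch or Nouveau code. All `model_*` names, the list layout and the forced failure are hypothetical, and the `fixed` flag selects whether the framework reference is dropped before the free.

```c
#include <stdio.h>
#include <stdlib.h>

/* Userspace model; every name below is hypothetical, not kernel code. */
struct connector { struct connector *next; };
struct device { struct connector *head; int registered; };

/* Stands in for DRM-side init: the framework now points at conn. */
static void model_connector_init(struct device *dev, struct connector *conn)
{
    conn->next = dev->head;
    dev->head = conn;
    dev->registered++;
}

/* Stands in for DRM-side cleanup: unlink conn from the framework list. */
static void model_connector_cleanup(struct device *dev, struct connector *conn)
{
    struct connector **p = &dev->head;
    while (*p && *p != conn)
        p = &(*p)->next;
    if (*p) {
        *p = conn->next;
        dev->registered--;
    }
}

/* Create a connector whose late setup always fails (constructed failure). */
static int model_connector_create(struct device *dev, int fixed)
{
    struct connector *conn = calloc(1, sizeof(*conn));
    int ret = -1; /* pretend a step after init returned an error */
    if (!conn)
        return -12; /* -ENOMEM */
    model_connector_init(dev, conn);
    if (fixed)
        model_connector_cleanup(dev, conn); /* drop the list reference first */
    free(conn); /* without the cleanup above, dev->head now dangles */
    return ret;
}

int main(void)
{
    struct device buggy = {0}, fixed = {0};
    model_connector_create(&buggy, 0);
    model_connector_create(&fixed, 1);
    printf("stale entries: buggy=%d fixed=%d\n", buggy.registered, fixed.registered);
    return 0;
}
```

In the unfixed path the device still counts one registered connector after the free, so any later walk of that list would touch freed memory.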

Impact

Exploitation of this vulnerability could lead to memory corruption, causing potential instability or unexpected behavior in the system.

Remediation

Users can upgrade to the latest version of the Linux kernel, in which this vulnerability has been fixed. Instructions for downloading the patched version are available on the official Linux kernel website.

Added: Sep 16, 2025, 2:48 PM
Updated: Sep 16, 2025, 2:48 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 5.0
exploitability: 4.0
remediation: 7.7
relevance: 0.5
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.