Linux Kernel QUP SPI Controller Resource Leak Vulnerability

A vulnerability in the Linux kernel's SPI QUP driver can lead to a permanent resource leak. This issue arises because the driver's remove callback does not properly release DMA resources when an error occurs, causing a lasting leak that is not addressed later. The vulnerability affects several versions of the Linux kernel.

Impact

The vulnerability causes a permanent leak of DMA resources, which can lead to increased memory usage and potential degradation of system performance.

Reproduction

To reproduce this vulnerability, load a platform driver that uses the QUP SPI controller. During the removal process, if an error occurs, the driver will return early without releasing the allocated DMA resources. This behavior creates a permanent leak, as the resources are not freed and the error is not retried.

Remediation

The vulnerability has been addressed in the Linux kernel. Users can upgrade to the latest version to apply the fix.