Linux Kernel GPIO MVEBU Driver Resource Leak Vulnerability

Vulnerability

A resource leak vulnerability has been identified in the GPIO MVEBU driver in the Linux kernel's stable branch. The leak occurs when the driver is detached and the interrupt request (IRQ) domain is not handled properly: the driver uses 'irq_domain_add_linear' without a corresponding cleanup action, so the resources are left unreleased when the driver is removed.

Impact

The resource leak in the GPIO MVEBU driver means memory is improperly managed, and it can potentially lead to other issues over time.

Reproduction

The vulnerability can be reproduced by loading the GPIO MVEBU driver and then detaching it. The driver is removed without cleaning up the associated IRQ domain, which is the root cause of the leak.

Remediation

The vulnerability has been addressed in the Linux kernel. Users can upgrade to the latest version of the stable branch to apply the fix.
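
The lifetime rule behind the leak and its fix, as an added userspace model (not kernel code and not the actual patch): a resource obtained outside device-managed cleanup survives detach unless a cleanup action is registered for it. All `model_*` names are hypothetical stand-ins, and modeling the registration on the kernel's `devm_add_action_or_reset()` is an assumption about how such an action is attached.

```c
#include <stdio.h>
#include <stdlib.h>

/* Userspace model only: imitates the kernel's device-managed (devres)
 * lifetime rules. None of these types or functions are kernel APIs. */
typedef void (*cleanup_fn)(void *);
struct irq_domain_model { unsigned int size; };
struct device_model {
    struct { cleanup_fn fn; void *data; } actions[8];
    int nr_actions;
};
static int live_domains; /* domains allocated and not yet removed */

/* Stands in for irq_domain_add_linear(): the caller owns the result. */
static struct irq_domain_model *model_domain_add_linear(unsigned int size) {
    struct irq_domain_model *d = malloc(sizeof(*d));
    if (d) { d->size = size; live_domains++; }
    return d;
}
/* Stands in for irq_domain_remove(). */
static void model_domain_remove(void *data) { free(data); live_domains--; }

/* Modeled on devm_add_action_or_reset(): if the action cannot be
 * registered, run it immediately so nothing is left behind. */
static int model_add_action_or_reset(struct device_model *dev, cleanup_fn fn, void *data) {
    if (dev->nr_actions == 8) { fn(data); return -1; }
    dev->actions[dev->nr_actions].fn = fn;
    dev->actions[dev->nr_actions++].data = data;
    return 0;
}
/* Driver detach: registered actions run in reverse registration order. */
static void model_detach(struct device_model *dev) {
    while (dev->nr_actions > 0) {
        dev->nr_actions--;
        dev->actions[dev->nr_actions].fn(dev->actions[dev->nr_actions].data);
    }
}
/* Probe then detach; returns the number of domains this cycle leaked.
 * register_cleanup == 0 reproduces the leak on purpose. */
static int probe_then_detach(int register_cleanup) {
    struct device_model dev = { .nr_actions = 0 };
    int before = live_domains;
    struct irq_domain_model *d = model_domain_add_linear(32);
    if (!d) return -1;
    if (register_cleanup && model_add_action_or_reset(&dev, model_domain_remove, d)) return -1;
    model_detach(&dev);
    return live_domains - before;
}
int main(void) {
    printf("no cleanup action: %d domain(s) leaked\n", probe_then_detach(0));
    printf("cleanup action registered: %d domain(s) leaked\n", probe_then_detach(1));
    return 0;
}
```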

Added: Oct 4, 2025, 5:04 PM
Updated: Oct 4, 2025, 5:04 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.0
exploitability: 4.3
remediation: 7.7
relevance: 0.7
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.