Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A vulnerability exists in the Linux kernel's device unregistration process, particularly affecting bus-less or driver-less devices. The issue arises because the function responsible for releasing managed resources is only called for devices with an associated bus and that have been probed. As a result, devices may not be properly freed if a managed resource retains a reference to them, leading to potential memory leaks. This problem is evident in the Direct Rendering Manager (DRM) framework. The vulnerability has been addressed by modifying the device deletion process to ensure that managed resources are released, even for devices lacking a bus or driver.
Failure to properly release managed resources during the unregistration of bus-less or driver-less devices can lead to memory leaks, as these devices may remain allocated and not freed, causing unnecessary resource consumption and potential exhaustion of available memory.
The vulnerability can be reproduced by registering a bus-less or driver-less device and then unregistering it without the device having been probed. This can be done using the platform_device_alloc function, followed by a call to device_del, while ensuring that no driver is attached to the device.
The vulnerability has been fixed in the Linux kernel by updating the device_del function to call devres_release_all for all devices, regardless of their bus or driver status. Users should upgrade to the latest version of the Linux kernel where this fix has been applied.
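The release condition and the fix described above, as a user-space C model added here (it is not kernel source and not the actual patch). The struct layouts, the `fixed` toggle, `drop_ref` and `leaks_after_unregister` are assumptions of the model; it only borrows the kernel's function names to show why a managed resource that holds a device reference keeps a bus-less, unprobed device allocated.

```c
#include <stdlib.h>
/* User-space model of the logic described above; not kernel source. */
struct device;
struct devres { void (*release)(struct device *); struct devres *next; };
struct device {
    int refcount;            /* models the device reference count */
    int has_bus, probed;     /* both stay 0: bus-less and never probed */
    struct devres *res;      /* managed resources attached to the device */
    int *freed;              /* set to 1 when the device memory is released */
};

static void devres_release_all(struct device *dev) {
    while (dev->res) {
        struct devres *r = dev->res;
        dev->res = r->next;
        r->release(dev);
        free(r);
    }
}
static void put_device(struct device *dev) {
    if (--dev->refcount > 0) return;
    devres_release_all(dev); /* final release drops any leftover resources */
    *dev->freed = 1;
    free(dev);
}
/* Managed action that holds a device reference until it is released. */
static void drop_ref(struct device *dev) { put_device(dev); }
/* 'fixed' is a toggle of this model: 0 = old condition, 1 = always release. */
static void device_del(struct device *dev, int fixed) {
    if (fixed || (dev->has_bus && dev->probed))
        devres_release_all(dev);
}
/* Returns 1 if the device is still allocated after unregistration. */
static int leaks_after_unregister(int fixed) {
    int freed = 0;
    struct device *dev = calloc(1, sizeof(*dev));
    struct devres *r = calloc(1, sizeof(*r));
    if (!dev || !r) abort();
    dev->refcount = 2;       /* creator's reference + the resource's */
    dev->freed = &freed;
    r->release = drop_ref; dev->res = r;
    device_del(dev, fixed);
    put_device(dev);         /* creator drops its reference */
    if (freed) return 0;
    dev->refcount++;         /* leaked: release by hand to tidy the model */
    devres_release_all(dev);
    put_device(dev);
    return 1;
}
int main(void) { return !(leaks_after_unregister(0) && !leaks_after_unregister(1)); }
```

With the old condition the creator's final `put_device` leaves the count at 1, so the release path never runs; with the unconditional release the resource drops its reference first and the device is freed.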