Linux Kernel Samsung TTY Memory Leak Vulnerability in Clock Management

A memory leak vulnerability has been identified in the Linux kernel's handling of Samsung TTY serial drivers, specifically within the S3C24XX serial clock management function. This issue arises when the function 'clk_get_rate()' fails, as the newly allocated clock resource is not properly released, leading to a memory leak. The vulnerability affects several versions of the Linux kernel.

Impact

The vulnerability causes a memory leak, where allocated memory is not released back to the system, potentially leading to increased memory usage and exhaustion over time.

Reproduction

The vulnerability can be reproduced by using a Samsung TTY serial driver on a Linux kernel version that is affected by this issue. When the 'clk_get_rate()' function fails, the vulnerability is triggered as the allocated clock is not freed, causing a memory leak.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. The specific commit that fixes this issue is available in the Linux kernel stable tree.