Linux Kernel DMA Engine STM32 DMAMUX Device Leak Vulnerability

A vulnerability in the Linux kernel's DMA engine for STM32 DMAMUX has been addressed. The issue involved a device leak during route allocation, where a reference to the DMA mux platform device was not properly released. This could potentially lead to stale references, as holding onto a device reference does not guarantee the preservation of its driver data.

Impact

The vulnerability could cause a memory leak by not releasing device references, which may lead to increased memory usage or exhaustion over time.

Reproduction

The vulnerability can be reproduced by allocating a DMA route using the STM32 DMAMUX driver without properly managing the device references. This can be done by creating a DMA route allocation that does not release the device reference after the allocation is complete, allowing the reference to persist even after the driver data has been removed.

Remediation

The vulnerability has been fixed in the Linux kernel. Users should upgrade to the latest version where this issue has been addressed.