Linux Kernel DRM Bridge Synopsys DW-DP Error Handling Vulnerability

A vulnerability in the Linux kernel's DRM bridge Synopsys DW-DP component has been addressed. The issue stemmed from improper error handling in the 'dw_dp_bind' function, which is responsible for binding the DisplayPort transmitter controller. Several problems were identified: 1. The function failed to return an error after 'drm_bridge_attach' encountered a failure, leading to continued execution instead of proper error propagation. 2. There was a resource leak because 'drm_dp_aux_register' does not manage resources automatically, requiring 'drm_dp_aux_unregister' to be called on all error paths after a successful auxiliary registration. This oversight affected error handling for multiple functions, including 'drm_bridge_attach', 'phy_init', 'devm_add_action_or_reset', 'platform_get_irq', and 'devm_request_threaded_irq'. 3. A bug was present where 'platform_get_irq' returned an IRQ number or a negative error code, but the error handling path incorrectly returned an error pointer for the wrong value. The function has been updated to use a goto statement for cleanup, ensuring consistent error management.

Impact

The vulnerability could lead to improper resource management, causing potential memory leaks or undefined behavior in the error handling process.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the patched version are available on the Linux kernel official website.