Linux Kernel PTP IRQ Setup Error Path Vulnerability

A vulnerability exists in the Linux kernel's handling of Precision Time Protocol (PTP) message interrupt requests for certain Microchip Ethernet switches. When the function request_threaded_irq() fails during the setup of PTP message interrupts, the newly created interrupt request (IRQ) mapping is not properly disposed of. This oversight can lead to resource leaks, as the error handling in the ksz_ptp_irq_setup() function only frees IRQ mappings that were successfully established. The vulnerability arises because the error path does not account for failed IRQ requests, leaving unused mappings that could potentially cause issues.

Impact

The vulnerability can lead to resource leaks by failing to dispose of IRQ mappings when an error occurs during the PTP message IRQ setup. This can cause interrupt handling issues and potentially disrupt the normal operation of the affected system.

Reproduction

The vulnerability can be reproduced by setting up PTP message IRQs on a Microchip Ethernet switch using the Linux kernel. If the request_threaded_irq() function fails during this process, the vulnerability will manifest as a failure to dispose of the newly created IRQ mapping, leading to a resource leak.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability. Instructions for downloading the patched version can be found in the Linux kernel Git repository.