CVE-2026-23132
- Source
- https://cve.org/CVERecord?id=CVE-2026-23132
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23132.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2026-23132
- Downstream
- Published
- 2026-02-14T15:14:32.334Z
- Modified
- 2026-03-13T04:06:46.454449Z
- Summary
- drm/bridge: synopsys: dw-dp: fix error paths of dw_dp_bind
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
drm/bridge: synopsys: dw-dp: fix error paths of dwdpbind
Fix several issues in dwdpbind() error handling:
Missing return after drmbridgeattach() failure - the function continued execution instead of returning an error.
Resource leak: drmdpauxregister() is not a devm function, so drmdpauxunregister() must be called on all error paths after aux registration succeeds. This affects errors from:
- drmbridgeattach()
- phy_init()
- devmaddactionorreset()
- platformgetirq()
- devmrequestthreaded_irq()
Bug fix: platformgetirq() returns the IRQ number or a negative error code, but the error path was returning ERRPTR(ret) instead of ERRPTR(dp->irq).
Use a goto label for cleanup to ensure consistent error handling.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23132.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/1a0f69e3c28477b97d3609569b7e8feb4b6162e8
- https://git.kernel.org/stable/c/569ed6a73e927a34cae4ae6de1464c0737a5ec44
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23132.json
- https://nvd.nist.gov/vuln/detail/CVE-2026-23132