Linux Kernel Regulator Boot-On Option Use Count Leakage Vulnerability

A use count leakage vulnerability has been identified in the Linux kernel regulator core, specifically related to the handling of the boot-on option for supply regulators. When a regulator device (rdev) is configured with the 'regulator-boot-on' option, the use count of its supplying regulator is improperly incremented. This causes the supplying regulator to behave as if it is always on, preventing it from being properly disabled later. The issue arises because both the regulator device and its supplying regulator can be set to boot-on, creating a conflict where the intended functionality of being able to disable the regulator is lost.

Impact

Exploitation of this vulnerability leads to a use count leakage, causing a supplying regulator to remain enabled when it should be disabled. This mismanagement of the regulator's state can interfere with the proper functioning of the device that relies on it.

Reproduction

To reproduce this vulnerability, configure a regulator device with the 'regulator-boot-on' option. This will cause the use count of the supplying regulator to increment, making it act as if it is always on. Attempting to disable it afterwards will not work, as the regulator will remain in an enabled state.

Remediation

The vulnerability has been addressed in the Linux kernel. Users should upgrade to the latest version where this issue has been fixed.