Linux Kernel Regulator Subsystem Resource Leak Vulnerability

A resource leak vulnerability has been identified in the Linux kernel's regulator core. This issue arises in the 'regulator_register()' function, where an unbalanced reference count leads to a memory leak. During fault injection testing, it was observed that the expected reference count was 1, but instead, it was 100, indicating a significant resource management issue. The leak was traced back to the 'rt5190a_probe' function of the 'rt5190a_regulator' overlay node, which failed to properly release resources after an error occurred. This vulnerability affects the Linux kernel stable tree.

Impact

The vulnerability causes a memory leak by failing to properly manage reference counts for regulator nodes, which can lead to increased memory usage and potential exhaustion of system resources.

Reproduction

The vulnerability can be reproduced by probing the 'rt5190a' regulator overlay node via I2C, which triggers the 'regulator_register()' function. This process can be monitored for unbalanced reference counts, indicating a resource leak.

Remediation

The vulnerability has been addressed in upstream commits that are included in the official Linux kernel Git repository. Users should upgrade to the latest version.