Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*, +4 more
A memory leak vulnerability has been identified in the Linux kernel's regulator core. It is caused by an unbalanced reference count in the 'regulator_dev_lookup()' function. The function retrieves a node with 'of_parse_phandle()', which returns the node with its reference count incremented. If the corresponding 'of_node_put()' is not called after use, the reference count no longer matches its expected value, causing a memory leak. This vulnerability affects the Linux kernel stable tree.
The unbalanced reference count results in a memory leak, which can increase memory usage and degrade system performance over time.
The vulnerability can be reproduced by attaching an overlay node to the device tree that includes a reference to a regulator. The 'regulator_dev_lookup()' function will increment the reference count of the node. If the function 'of_node_put()' is not called to decrement the reference count, it will result in an unbalanced reference count, creating a memory leak.
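The get/put imbalance described above, as an added userspace model (not the kernel's code or the upstream patch): the `model_*` functions, the `struct node` stand-in and the sample node are assumptions made for illustration, and only the reference counting is modelled.

```c
/* Userspace model of the get/put imbalance; not kernel code. */
#include <stdio.h>
/* Stand-in for struct device_node: only the count and a "released" flag. */
struct node { int refcount; int released; };
/* Constructed sample: the regulator node a consumer's phandle points to. */
static struct node regulator_node;

/* Model of of_parse_phandle(): hands back the node with its count incremented. */
static struct node *model_parse_phandle(void) {
    regulator_node.refcount++;
    return &regulator_node;
}

/* Model of of_node_put(): drops one reference; the model marks the node
 * released when the count reaches zero. */
static void model_node_put(struct node *n) {
    if (n && --n->refcount == 0)
        n->released = 1;
}

/* Leaky shape: the reference taken by the phandle lookup is never dropped. */
static int lookup_leaky(void) {
    struct node *n = model_parse_phandle();
    return n ? 0 : -1;
}

/* Balanced shape: the lookup's reference is dropped once the node was used. */
static int lookup_balanced(void) {
    struct node *n = model_parse_phandle();
    if (!n) return -1;
    /* ... use n to find the regulator device ... */
    model_node_put(n);
    return 0;
}

/* Run `rounds` lookups, then drop the owner's reference; returns references left. */
static int refs_left(int (*lookup)(void), int rounds) {
    regulator_node.refcount = 1;   /* the owner's own reference */
    regulator_node.released = 0;
    for (int i = 0; i < rounds; i++)
        lookup();
    model_node_put(&regulator_node);
    return regulator_node.refcount;
}

int main(void) {
    printf("leaky: %d references left, ", refs_left(lookup_leaky, 3));
    printf("balanced: %d references left\n", refs_left(lookup_balanced, 3));
    return 0;
}
```

In the leaky shape each lookup leaves one reference behind, so the count never reaches zero and the node is never released, even after its owner lets go of it.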
The vulnerability has been addressed in the Linux kernel. Users should upgrade to the latest version where this issue has been fixed.