Linux Kernel WCD9335 Codec Regulator Supply Memory Leak Vulnerability

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's ASoC codecs, specifically within the WCD9335 driver. The issue arises because the driver fails to properly release regulator supplies after enabling them during the probe process. This oversight leads to leaked memory and an unbalanced count of enabled regulators, particularly during probe errors or when the device is unbound. The vulnerability has been addressed by modifying the code to use 'devm_regulator_bulk_get_enable()', which simplifies the process and ensures proper cleanup.

Impact

Exploitation of this vulnerability causes memory leaks and disrupts the balance of regulator enable counts, potentially leading to resource exhaustion or instability in the system.

Added: Jul 9, 2025, 11:25 AM

Updated: Jul 9, 2025, 11:25 AM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

4.0

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

4.0

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel WCD9335 Codec Regulator Supply Memory Leak Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating