Linux Kernel Resource Leak Vulnerability in NCT7363 Hardware Monitoring Driver

A resource leak vulnerability has been identified in the Linux kernel's NCT7363 hardware monitoring driver. The issue arises in the 'nct7363_present_pwm_fanin' function, where a reference to a device node is not properly released after being parsed. This oversight creates a resource leak, as the function fails to call 'of_node_put()' to relinquish the node reference, leaving it dangling.

Impact

The vulnerability leads to a resource leak, where references to device nodes are not properly released, potentially causing memory management issues.

Reproduction

The vulnerability can be reproduced by invoking the 'nct7363_present_pwm_fanin' function within the NCT7363 hardware monitoring driver. The function will parse a device node reference but fail to release it, creating a resource leak.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. The specific commit fixing this issue is available in the Linux kernel stable tree.