5.5

CVE-2022-50250

regulator: core: fix use_count leakage when handling boot-on

In the Linux kernel, the following vulnerability has been resolved:

regulator: core: fix use_count leakage when handling boot-on

I found a use_count leakage towards supply regulator of rdev with
boot-on option.

┌───────────────────┐           ┌───────────────────┐
│  regulator_dev A  │           │  regulator_dev B  │
│     (boot-on)     │           │     (boot-on)     │
│    use_count=0    │◀──supply──│    use_count=1    │
│                   │           │                   │
└───────────────────┘           └───────────────────┘

In case of rdev(A) configured with `regulator-boot-on', the use_count
of supplying regulator(B) will increment inside
regulator_enable(rdev->supply).

Thus, B will acts like always-on, and further balanced
regulator_enable/disable cannot actually disable it anymore.

However, B was also configured with `regulator-boot-on', we wish it
could be disabled afterwards.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 4.19.270
LinuxLinux Kernel Version >= 4.20 < 5.4.229
LinuxLinux Kernel Version >= 5.5 < 5.10.163
LinuxLinux Kernel Version >= 5.11 < 5.15.86
LinuxLinux Kernel Version >= 5.16 < 6.0.16
LinuxLinux Kernel Version >= 6.1 < 6.1.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.043
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/dc3391d49479bc2bf8a2b88dbf86fdd800882fee
Patch
https://git.kernel.org/stable/c/5bfc53df288e8ea54ca6866fb92034214940183f
Patch
https://git.kernel.org/stable/c/4b737246ff50f810d6ab4be13c1388a07f0c14b1
Patch
https://git.kernel.org/stable/c/feb847e6591e8c7a09cc39721cc9ca74fd9a5d80
Patch
https://git.kernel.org/stable/c/4dd6e1cc9c7403f1ee1b7eee85bc31b797ae8347
Patch
https://git.kernel.org/stable/c/bc6c381df5793ebcf32db88a3e65acf7870379fc
Patch
https://git.kernel.org/stable/c/0591b14ce0398125439c759f889647369aa616a0
Patch