CVE-2022-50887
regulator: core: fix unbalanced of node refcount in regulator_dev_lookup()
Description
In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix unbalanced of node refcount in regulator_dev_lookup() I got the the following report: OF: ERROR: memory leak, expected refcount 1 instead of 2, of_node_get()/of_node_put() unbalanced - destroy cset entry: attach overlay node /i2c/pmic@62/regulators/exten In of_get_regulator(), the node is returned from of_parse_phandle() with refcount incremented, after using it, of_node_put() need be called.
INFO
Published Date :
Dec. 30, 2025, 1:16 p.m.
Last Modified :
Dec. 30, 2025, 1:16 p.m.
Remotely Exploit :
No
Source :
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Affected Products
The following products are affected by CVE-2022-50887
vulnerability.
Even if cvefeed.io is aware of the exact versions of the
products
that
are
affected, the information is not represented in the table below.
No affected product recoded yet
Solution
- Apply the kernel patch for regulator: core.
- Ensure of_node_put() is called after using of_parse_phandle().
- Recompile and update the Linux kernel.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2022-50887.
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2022-50887 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2022-50887
weaknesses.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2022-50887 vulnerability anywhere in the article.
The following table lists the changes that have been made to the
CVE-2022-50887 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Dec. 30, 2025
Action Type Old Value New Value Added Description In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix unbalanced of node refcount in regulator_dev_lookup() I got the the following report: OF: ERROR: memory leak, expected refcount 1 instead of 2, of_node_get()/of_node_put() unbalanced - destroy cset entry: attach overlay node /i2c/pmic@62/regulators/exten In of_get_regulator(), the node is returned from of_parse_phandle() with refcount incremented, after using it, of_node_put() need be called. Added Reference https://git.kernel.org/stable/c/0e88505ac0a6ae97746bcdbd4b042ee9f20455ae Added Reference https://git.kernel.org/stable/c/2b93c58adddd98812ad928bbc2063038f3df1ffd Added Reference https://git.kernel.org/stable/c/2f98469c3141f8e42ba11075a273fb795bbad57f Added Reference https://git.kernel.org/stable/c/3ac888db0f67813d91373a9a61c840f815cd4ec9 Added Reference https://git.kernel.org/stable/c/4dfcf5087db9a34a300d6b99009232d4537c3e6a Added Reference https://git.kernel.org/stable/c/cda1895f3b7f324ece1614308a815a3994983b97 Added Reference https://git.kernel.org/stable/c/d39937f8de641c44a337cec4a2e5d3e8add20a7d Added Reference https://git.kernel.org/stable/c/f2b41b748c19962b82709d9f23c6b2b0ce9d2f91 Added Reference https://git.kernel.org/stable/c/f48c474efe05cf9ce5e535b5e0ddd710e963936c