vulnerability
Ubuntu: (CVE-2022-50250): linux vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | Sep 16, 2025 | Sep 19, 2025 | Dec 2, 2025 |
Description
In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix use_count leakage when handling boot-on I found a use_count leakage towards supply regulator of rdev with boot-on option. ┌───────────────────┐ ┌───────────────────┐ │ regulator_dev A │ │ regulator_dev B │ │ (boot-on) │ │ (boot-on) │ │ use_count=0 │◀──supply──│ use_count=1 │ │ │ │ │ └───────────────────┘ └───────────────────┘ In case of rdev(A) configured with `regulator-boot-on', the use_count of supplying regulator(B) will increment inside regulator_enable(rdev->supply). Thus, B will acts like always-on, and further balanced regulator_enable/disable cannot actually disable it anymore. However, B was also configured with `regulator-boot-on', we wish it could be disabled afterwards.
Solutions
References
- CVE-2022-50250
- https://attackerkb.com/topics/CVE-2022-50250
- URL-https://git.kernel.org/linus/0591b14ce0398125439c759f889647369aa616a0
- URL-https://git.kernel.org/stable/c/0591b14ce0398125439c759f889647369aa616a0
- URL-https://git.kernel.org/stable/c/4b737246ff50f810d6ab4be13c1388a07f0c14b1
- URL-https://git.kernel.org/stable/c/4dd6e1cc9c7403f1ee1b7eee85bc31b797ae8347
- URL-https://git.kernel.org/stable/c/5bfc53df288e8ea54ca6866fb92034214940183f
- URL-https://git.kernel.org/stable/c/bc6c381df5793ebcf32db88a3e65acf7870379fc
- URL-https://git.kernel.org/stable/c/dc3391d49479bc2bf8a2b88dbf86fdd800882fee
- URL-https://git.kernel.org/stable/c/feb847e6591e8c7a09cc39721cc9ca74fd9a5d80
- URL-https://www.cve.org/CVERecord?id=CVE-2022-50250
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.