Description
In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpci: fix of node refcount leak in tcpci_register_port() I got the following report while doing device(mt6370-tcpc) load test with CONFIG_OF_UNITTEST and CONFIG_OF_DYNAMIC enabled: OF: ERROR: memory leak, expected refcount 1 instead of 2, of_node_get()/of_node_put() unbalanced - destroy cset entry: attach overlay node /i2c/pmic@34/tcpc/connector The 'fwnode' set in tcpci_parse_config() which is called in tcpci_register_port(), its node refcount is increased in device_get_named_child_node(). It needs be put while exiting, so call fwnode_handle_put() in the error path of tcpci_register_port() and in tcpci_unregister_port() to avoid leak.
Product status
5e85a04c8c0d271d7561a770b85741f186398868 (git) before 4f257e2eba419ab4cd880c822346450e4e7b2af3
5e85a04c8c0d271d7561a770b85741f186398868 (git) before d3b6c28a71f111a6c67ddc3238aab95910fd86cf
5e85a04c8c0d271d7561a770b85741f186398868 (git) before ba75be6f0d9d028d20852564206565a4c03e3288
5e85a04c8c0d271d7561a770b85741f186398868 (git) before e75a324409715bd71348f79a49aa61b69dbeb676
5e85a04c8c0d271d7561a770b85741f186398868 (git) before 5f125507d2270035dfcf83fbff6cff5a143e200c
5e85a04c8c0d271d7561a770b85741f186398868 (git) before 0384e87e3fec735e47f1c133c796f32ef7a72a9b
4.19
Any version before 4.19
5.4.229 (semver)
5.10.163 (semver)
5.15.86 (semver)
6.0.16 (semver)
6.1.2 (semver)
6.2 (original_commit_for_fix)
References
git.kernel.org/...c/4f257e2eba419ab4cd880c822346450e4e7b2af3
git.kernel.org/...c/d3b6c28a71f111a6c67ddc3238aab95910fd86cf
git.kernel.org/...c/ba75be6f0d9d028d20852564206565a4c03e3288
git.kernel.org/...c/e75a324409715bd71348f79a49aa61b69dbeb676
git.kernel.org/...c/5f125507d2270035dfcf83fbff6cff5a143e200c
git.kernel.org/...c/0384e87e3fec735e47f1c133c796f32ef7a72a9b
