Description
In the Linux kernel, the following vulnerability has been resolved:

regulator: fp9931: Fix PM runtime reference leak in fp9931_hwmon_read()

In fp9931_hwmon_read(), if regmap_read() failed, the function returned
the error code without calling pm_runtime_put_autosuspend(), causing
a PM reference leak.
Published: 2026-03-25
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A defect in the Linux kernel’s fp9931 regulator driver leaks power‑management references when a hardware‑monitor read fails. The regmap_read error is returned without releasing the pm_runtime put autosuspend reference, causing the reference count to grow. Over time this resource exhaustion can destabilize the power‑management subsystem and lead to a denial of service. The underlying weakness is a resource‑management flaw classified as CWE‑911.

Affected Systems

The vulnerability exists in any Linux kernel version that ships the fp9931 regulator driver without the patch commit 0902010c8d163f7b62e655efda1a843529152c7c. Systems that load this driver on a vulnerable kernel are susceptible whenever a hardware‑monitor read operation encounters an error.

Risk and Exploitability

The EPSS score is below 1% and the vulnerability is not listed in CISA’s KEV catalog, indicating a low probability of exploitation. The CVSS score of 5.5 suggests a medium severity. The attack requires an environment where the fp9931 register map read can repeatedly fail, which is most likely achieved by local system compromise or by inducing fault conditions in the hardware. Based on the description, the likely attack vector is local fault injection that forces repeated read errors; without such conditions the risk remains primarily maintenance‑related rather than an active attack vector.

Generated by OpenCVE AI on May 22, 2026 at 01:55 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the Linux kernel to a version that includes the fp9931_hwmon_read patch (commit 0902010c8d163f7b62e655efda1a843529152c7c).
  • Reboot the system after applying the kernel update to reset any retained power‑management references.
  • If the fp9931 regulator driver is not required for system operation, disable its loading via module configuration to eliminate the vulnerability risk.

Generated by OpenCVE AI on May 22, 2026 at 01:55 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 22 May 2026 00:30:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-Other
CPEs cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

Thu, 26 Mar 2026 12:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Thu, 26 Mar 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-911
References

Wed, 25 Mar 2026 22:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Wed, 25 Mar 2026 10:45:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: regulator: fp9931: Fix PM runtime reference leak in fp9931_hwmon_read() In fp9931_hwmon_read(), if regmap_read() failed, the function returned the error code without calling pm_runtime_put_autosuspend(), causing a PM reference leak.
Title regulator: fp9931: Fix PM runtime reference leak in fp9931_hwmon_read()
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-11T22:03:52.480Z

Reserved: 2026-01-13T15:37:45.992Z

Link: CVE-2026-23283

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2026-03-25T11:16:22.957

Modified: 2026-05-22T00:19:22.697

Link: CVE-2026-23283

cve-icon Redhat

Severity :

Publid Date: 2026-03-25T00:00:00Z

Links: CVE-2026-23283 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-22T02:00:13Z

Weaknesses