CVE-2026-45875
Description
In the Linux kernel, the following vulnerability has been resolved:
mfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure
The wm5102_clear_write_sequencer() helper may return an error and just return, bypassing the cleanup sequence and causing regulators to remain enabled, leading to a resource leak.
Change the direct return to jump to the err_reset label to properly free the resources.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A resource leak in the Linux kernel's Arizona MFD driver leaves regulators enabled after a wm5102_clear_write_sequencer() failure.
Vulnerability
In the Linux kernel's mfd: arizona driver, the wm5102_clear_write_sequencer() helper may return an error. Prior to the fix, the code directly returned upon an error, bypassing the cleanup sequence and causing regulators to remain enabled, leading to a resource leak. The affected versions are those that include this code path before commits [1] and [2].
Exploitation
An attacker can trigger this vulnerability by causing wm5102_clear_write_sequencer() to fail. This could occur during device initialization or power management operations. No special privileges are required; physical access or the ability to induce an error in the device can lead to the resource leak.
Impact
An attacker can cause regulators to remain enabled, resulting in a resource leak that increases power consumption. This could lead to reduced battery life or, in extreme cases, regulator exhaustion. However, there is no privilege escalation, code execution, or data disclosure.
Mitigation
The vulnerability is fixed in Linux kernel stable commits [1] and [2]. Users should update to kernels containing these commits. No workarounds are available.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
165a4923726a16mfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure
1 file changed · +1 −2
drivers/mfd/arizona-core.c+1 −2 modifieddiff --git a/drivers/mfd/arizona-core.c b/drivers/mfd/arizona-core.c index 85ff8717d85047..91975536d14d21 100644 --- a/drivers/mfd/arizona-core.c +++ b/drivers/mfd/arizona-core.c @@ -1100,7 +1100,7 @@ int arizona_dev_init(struct arizona *arizona) } else if (val & 0x01) { ret = wm5102_clear_write_sequencer(arizona); if (ret) - return ret; + goto err_reset; } break; default: -- cgit 1.3-korg
54eafc1b0dbcmfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure
1 file changed · +1 −2
drivers/mfd/arizona-core.c+1 −2 modifieddiff --git a/drivers/mfd/arizona-core.c b/drivers/mfd/arizona-core.c index afdc4908362556..18f448fa333282 100644 --- a/drivers/mfd/arizona-core.c +++ b/drivers/mfd/arizona-core.c @@ -1150,7 +1150,7 @@ int arizona_dev_init(struct arizona *arizona) } else if (val & 0x01) { ret = wm5102_clear_write_sequencer(arizona); if (ret) - return ret; + goto err_reset; } break; default: -- cgit 1.3-korg
e0527c09bcf1mfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure
1 file changed · +1 −2
drivers/mfd/arizona-core.c+1 −2 modifieddiff --git a/drivers/mfd/arizona-core.c b/drivers/mfd/arizona-core.c index 85ff8717d85047..91975536d14d21 100644 --- a/drivers/mfd/arizona-core.c +++ b/drivers/mfd/arizona-core.c @@ -1100,7 +1100,7 @@ int arizona_dev_init(struct arizona *arizona) } else if (val & 0x01) { ret = wm5102_clear_write_sequencer(arizona); if (ret) - return ret; + goto err_reset; } break; default: -- cgit 1.3-korg
933c54638735mfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure
1 file changed · +1 −2
drivers/mfd/arizona-core.c+1 −2 modifieddiff --git a/drivers/mfd/arizona-core.c b/drivers/mfd/arizona-core.c index 5c8317bd4d98b2..6ec50eb1544c0b 100644 --- a/drivers/mfd/arizona-core.c +++ b/drivers/mfd/arizona-core.c @@ -1119,7 +1119,7 @@ int arizona_dev_init(struct arizona *arizona) } else if (val & 0x01) { ret = wm5102_clear_write_sequencer(arizona); if (ret) - return ret; + goto err_reset; } break; default: -- cgit 1.3-korg
445cec7b4fbbmfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure
1 file changed · +1 −2
drivers/mfd/arizona-core.c+1 −2 modifieddiff --git a/drivers/mfd/arizona-core.c b/drivers/mfd/arizona-core.c index b1c53e0407710c..9ac671ec26684c 100644 --- a/drivers/mfd/arizona-core.c +++ b/drivers/mfd/arizona-core.c @@ -1106,7 +1106,7 @@ int arizona_dev_init(struct arizona *arizona) } else if (val & 0x01) { ret = wm5102_clear_write_sequencer(arizona); if (ret) - return ret; + goto err_reset; } break; default: -- cgit 1.3-korg
3ea01691738bmfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure
1 file changed · +1 −2
drivers/mfd/arizona-core.c+1 −2 modifieddiff --git a/drivers/mfd/arizona-core.c b/drivers/mfd/arizona-core.c index 19a0adf8ce3dbc..35f516d934c8b5 100644 --- a/drivers/mfd/arizona-core.c +++ b/drivers/mfd/arizona-core.c @@ -1100,7 +1100,7 @@ int arizona_dev_init(struct arizona *arizona) } else if (val & 0x01) { ret = wm5102_clear_write_sequencer(arizona); if (ret) - return ret; + goto err_reset; } break; default: -- cgit 1.3-korg
2049820d1e63mfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure
1 file changed · +1 −2
drivers/mfd/arizona-core.c+1 −2 modifieddiff --git a/drivers/mfd/arizona-core.c b/drivers/mfd/arizona-core.c index 85ff8717d85047..91975536d14d21 100644 --- a/drivers/mfd/arizona-core.c +++ b/drivers/mfd/arizona-core.c @@ -1100,7 +1100,7 @@ int arizona_dev_init(struct arizona *arizona) } else if (val & 0x01) { ret = wm5102_clear_write_sequencer(arizona); if (ret) - return ret; + goto err_reset; } break; default: -- cgit 1.3-korg
4feb753ba6e5mfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure
1 file changed · +1 −2
drivers/mfd/arizona-core.c+1 −2 modifieddiff --git a/drivers/mfd/arizona-core.c b/drivers/mfd/arizona-core.c index 85ff8717d85047..91975536d14d21 100644 --- a/drivers/mfd/arizona-core.c +++ b/drivers/mfd/arizona-core.c @@ -1100,7 +1100,7 @@ int arizona_dev_init(struct arizona *arizona) } else if (val & 0x01) { ret = wm5102_clear_write_sequencer(arizona); if (ret) - return ret; + goto err_reset; } break; default: -- cgit 1.3-korg
54eafc1b0dbcmfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure
1 file changed · +1 −2
drivers/mfd/arizona-core.c+1 −2 modifieddiff --git a/drivers/mfd/arizona-core.c b/drivers/mfd/arizona-core.c index afdc4908362556..18f448fa333282 100644 --- a/drivers/mfd/arizona-core.c +++ b/drivers/mfd/arizona-core.c @@ -1150,7 +1150,7 @@ int arizona_dev_init(struct arizona *arizona) } else if (val & 0x01) { ret = wm5102_clear_write_sequencer(arizona); if (ret) - return ret; + goto err_reset; } break; default: -- cgit 1.3-korg
3ea01691738bmfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure
1 file changed · +1 −2
drivers/mfd/arizona-core.c+1 −2 modifieddiff --git a/drivers/mfd/arizona-core.c b/drivers/mfd/arizona-core.c index 19a0adf8ce3dbc..35f516d934c8b5 100644 --- a/drivers/mfd/arizona-core.c +++ b/drivers/mfd/arizona-core.c @@ -1100,7 +1100,7 @@ int arizona_dev_init(struct arizona *arizona) } else if (val & 0x01) { ret = wm5102_clear_write_sequencer(arizona); if (ret) - return ret; + goto err_reset; } break; default: -- cgit 1.3-korg
933c54638735mfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure
1 file changed · +1 −2
drivers/mfd/arizona-core.c+1 −2 modifieddiff --git a/drivers/mfd/arizona-core.c b/drivers/mfd/arizona-core.c index 5c8317bd4d98b2..6ec50eb1544c0b 100644 --- a/drivers/mfd/arizona-core.c +++ b/drivers/mfd/arizona-core.c @@ -1119,7 +1119,7 @@ int arizona_dev_init(struct arizona *arizona) } else if (val & 0x01) { ret = wm5102_clear_write_sequencer(arizona); if (ret) - return ret; + goto err_reset; } break; default: -- cgit 1.3-korg
5a4923726a16mfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure
1 file changed · +1 −2
drivers/mfd/arizona-core.c+1 −2 modifieddiff --git a/drivers/mfd/arizona-core.c b/drivers/mfd/arizona-core.c index 85ff8717d85047..91975536d14d21 100644 --- a/drivers/mfd/arizona-core.c +++ b/drivers/mfd/arizona-core.c @@ -1100,7 +1100,7 @@ int arizona_dev_init(struct arizona *arizona) } else if (val & 0x01) { ret = wm5102_clear_write_sequencer(arizona); if (ret) - return ret; + goto err_reset; } break; default: -- cgit 1.3-korg
4feb753ba6e5mfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure
1 file changed · +1 −2
drivers/mfd/arizona-core.c+1 −2 modifieddiff --git a/drivers/mfd/arizona-core.c b/drivers/mfd/arizona-core.c index 85ff8717d85047..91975536d14d21 100644 --- a/drivers/mfd/arizona-core.c +++ b/drivers/mfd/arizona-core.c @@ -1100,7 +1100,7 @@ int arizona_dev_init(struct arizona *arizona) } else if (val & 0x01) { ret = wm5102_clear_write_sequencer(arizona); if (ret) - return ret; + goto err_reset; } break; default: -- cgit 1.3-korg
445cec7b4fbbmfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure
1 file changed · +1 −2
drivers/mfd/arizona-core.c+1 −2 modifieddiff --git a/drivers/mfd/arizona-core.c b/drivers/mfd/arizona-core.c index b1c53e0407710c..9ac671ec26684c 100644 --- a/drivers/mfd/arizona-core.c +++ b/drivers/mfd/arizona-core.c @@ -1106,7 +1106,7 @@ int arizona_dev_init(struct arizona *arizona) } else if (val & 0x01) { ret = wm5102_clear_write_sequencer(arizona); if (ret) - return ret; + goto err_reset; } break; default: -- cgit 1.3-korg
2049820d1e63mfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure
1 file changed · +1 −2
drivers/mfd/arizona-core.c+1 −2 modifieddiff --git a/drivers/mfd/arizona-core.c b/drivers/mfd/arizona-core.c index 85ff8717d85047..91975536d14d21 100644 --- a/drivers/mfd/arizona-core.c +++ b/drivers/mfd/arizona-core.c @@ -1100,7 +1100,7 @@ int arizona_dev_init(struct arizona *arizona) } else if (val & 0x01) { ret = wm5102_clear_write_sequencer(arizona); if (ret) - return ret; + goto err_reset; } break; default: -- cgit 1.3-korg
e0527c09bcf1mfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure
1 file changed · +1 −2
drivers/mfd/arizona-core.c+1 −2 modifieddiff --git a/drivers/mfd/arizona-core.c b/drivers/mfd/arizona-core.c index 85ff8717d85047..91975536d14d21 100644 --- a/drivers/mfd/arizona-core.c +++ b/drivers/mfd/arizona-core.c @@ -1100,7 +1100,7 @@ int arizona_dev_init(struct arizona *arizona) } else if (val & 0x01) { ret = wm5102_clear_write_sequencer(arizona); if (ret) - return ret; + goto err_reset; } break; default: -- cgit 1.3-korg
Vulnerability mechanics
Root cause
"Missing error-path cleanup: a direct return on wm5102_clear_write_sequencer() failure bypasses regulator disable, causing a resource leak."
Attack vector
An attacker who can cause the `wm5102_clear_write_sequencer()` helper to return an error during device initialization will trigger the bug. The error path in `arizona_dev_init()` previously used a direct `return ret;` statement, which bypassed the `err_reset` label that normally disables regulators [patch_id=2661801]. This leaves the regulators enabled, causing a resource leak. No special network or authentication preconditions are described in the patch; the trigger is a hardware or firmware error during the write-sequencer clear operation.
Affected code
The bug is in `drivers/mfd/arizona-core.c` in the `arizona_dev_init()` function. When the device is a WM5102 and a certain register value (`val & 0x01`) is set, the code calls `wm5102_clear_write_sequencer()` and, on failure, returns directly instead of jumping to the `err_reset` cleanup label [patch_id=2661801].
What the fix does
The patch changes the error-handling code from `return ret;` to `goto err_reset;` in the WM5102 branch of `arizona_dev_init()` [patch_id=2661801]. The `err_reset` label is the existing cleanup path that properly disables regulators and performs other teardown. By routing the failure through this label, the fix ensures that regulators are always released when `wm5102_clear_write_sequencer()` fails, eliminating the resource leak.
Preconditions
- configThe system must have a WM5102 Arizona audio device that triggers the write-sequencer clear path during init.
- inputThe wm5102_clear_write_sequencer() call must return an error (e.g., due to a hardware or firmware fault).
Generated on May 27, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
8- git.kernel.org/stable/c/2049820d1e635e467d795237fd40287213d92349nvd
- git.kernel.org/stable/c/3ea01691738b0decb63ea2705d2cdf27f6f26fc0nvd
- git.kernel.org/stable/c/445cec7b4fbb1546836ae8e332d158e8d37d0fb6nvd
- git.kernel.org/stable/c/4feb753ba6e5e5bbaba868b841a2db41c21e56fanvd
- git.kernel.org/stable/c/54eafc1b0dbcf79c5f8b6dc8d9e92e56b9384c0anvd
- git.kernel.org/stable/c/5a4923726a165593d7601834a6fb2a10ab47b85dnvd
- git.kernel.org/stable/c/933c5463873582baaecf5c38401ec4095b1c6269nvd
- git.kernel.org/stable/c/e0527c09bcf1e6beeb685a7f4177683866b8609cnvd
News mentions
0No linked articles in our index yet.