CVE-2026-46252

Source
https://cve.org/CVERecord?id=CVE-2026-46252
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46252.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-46252
Downstream
Published
2026-06-03T15:49:48.784Z
Modified
2026-07-08T08:13:41.121703861Z
Summary
regulator: core: fix locking in regulator_resolve_supply() error path
Details

In the Linux kernel, the following vulnerability has been resolved:

regulator: core: fix locking in regulatorresolvesupply() error path

If late enabling of a supply regulator fails in regulatorresolvesupply(), the code currently triggers a lockdep warning:

WARNING: drivers/regulator/core.c:2649 at _regulator_put+0x80/0xa0, CPU#6: kworker/u32:4/596
...
Call trace:
 _regulator_put+0x80/0xa0 (P)
 regulator_resolve_supply+0x7cc/0xbe0
 regulator_register_resolve_supply+0x28/0xb8

as the regulatorlistmutex must be held when calling regulatorput().

To solve this, simply switch to using regulator_put().

While at it, we should also make sure that no concurrent access happens to our rdev while we clear out the supply pointer. Add appropriate locking to ensure that.

While the code in question will be removed altogether in a follow-up commit, I believe it is still beneficial to have this corrected before removal for future reference.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46252.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
36a1f1b6ddc6d1442424e29548e790633ca39c7b
Fixed
e77357dc2293283fc08a485b1e2e571d91d02622
Fixed
a8a2eab1166bc33ee38ca371cff425bdb5681e47
Fixed
60747114fd2a38739130b715e7b2d40ce848f0be
Fixed
c84860dac7af7dc3c3e3c9ae86d65e222c2f3b0c
Fixed
3b7fffd7a8984a1c009f668765ee7631fd6b87c8
Fixed
bde74af8d4466213007bdd42cc85fa72c861dea7
Fixed
c66e0db0f37290b53c57994f998bb55590364fd0
Fixed
497330b203d2c59c5ff3fa4c34d14494d7203bc3

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46252.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.2.0
Fixed
5.10.260
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.211
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.177
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.144
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.95
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.37
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.4

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46252.json"