In the Linux kernel, the following vulnerability has been resolved:
net: dsa: bcmsf2: Fix a possible memory leak in bcmsf2mdioregister()
bcmsf2mdioregister() calls ofphyfinddevice() and then phydeviceremove() in a loop to remove existing PHY devices. ofphyfinddevice() eventually calls busfinddevice(), which calls getdevice() on the returned struct device * to increment the refcount. The current implementation does not decrement the refcount, which causes memory leak.
This commit adds the missing phydevicefree() call to decrement the refcount via put_device() to balance the refcount.