← voltar
CVE-2022-50634

power: supply: cw2015: Fix potential null-ptr-deref in cw_bat_probe()

EPSS 0.2%
In the Linux kernel, the following vulnerability has been resolved: power: supply: cw2015: Fix potential null-ptr-deref in cw_bat_probe() cw_bat_probe() calls create_singlethread_workqueue() and not checked the ret value, which may return NULL. And a null-ptr-deref may happen: cw_bat_probe() create_singlethread_workqueue() # failed, cw_bat->wq is NULL queue_delayed_work() queue_delayed_work_on() __queue_delayed_work() # warning here, but continue __queue_work() # access wq->flags, null-ptr-deref Check the ret value and return -ENOMEM if it is NULL.
Produtos afetados
Linux · Linux

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://git.kernel.org/stable/c/5150b76aa2eb8bb8feb7f7a048417f9d39c3dd04https://git.kernel.org/stable/c/97f2b4ddb0aa700d673691a7d5e44d226d22bab7https://git.kernel.org/stable/c/f7e2ba8ed08138102f21f3fe6414498c93177fd8