AI Score
Confidence
Low
EPSS
Percentile
15.5%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
In the Linux kernel, the following vulnerability has been resolved:
hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field
If driver read tmp value sufficient for
(tmp & 0x08) && (!(tmp & 0x80)) && ((tmp & 0x7) == ((tmp >> 4) & 0x7))
from device then Null pointer dereference occurs.
(It is possible if tmp = 0b0xyz1xyz, where same literals mean same numbers)
Also lm75[] does not serve a purpose anymore after switching to
devm_i2c_new_dummy_device() in w83791d_detect_subclients().
The patch fixes possible NULL pointer dereference by removing lm75[].
Found by Linux Driver Verification project (linuxtesting.org).
[groeck: Dropped unnecessary continuation lines, fixed multi-line alignments]
[
{
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"product": "Linux",
"versions": [
{
"status": "affected",
"version": "1da177e4c3f4",
"lessThan": "6cb01fe630ea",
"versionType": "git"
},
{
"status": "affected",
"version": "1da177e4c3f4",
"lessThan": "7c4fd5de39f2",
"versionType": "git"
},
{
"status": "affected",
"version": "1da177e4c3f4",
"lessThan": "746011193f44",
"versionType": "git"
},
{
"status": "affected",
"version": "1da177e4c3f4",
"lessThan": "dd4d747ef05a",
"versionType": "git"
}
],
"programFiles": [
"drivers/hwmon/w83793.c"
],
"defaultStatus": "unaffected"
},
{
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"product": "Linux",
"versions": [
{
"status": "unaffected",
"version": "5.4.151",
"versionType": "custom",
"lessThanOrEqual": "5.4.*"
},
{
"status": "unaffected",
"version": "5.10.71",
"versionType": "custom",
"lessThanOrEqual": "5.10.*"
},
{
"status": "unaffected",
"version": "5.14.10",
"versionType": "custom",
"lessThanOrEqual": "5.14.*"
},
{
"status": "unaffected",
"version": "5.15",
"versionType": "original_commit_for_fix",
"lessThanOrEqual": "*"
}
],
"programFiles": [
"drivers/hwmon/w83793.c"
],
"defaultStatus": "affected"
}
]