CVE-2024-44936

Severity

55%

Complexity

18%

Confidentiality

60%

In the Linux kernel, the following vulnerability has been resolved: power: supply: rt5033: Bring back i2c_set_clientdata Commit 3a93da231c12 ("power: supply: rt5033: Use devm_power_supply_register() helper") reworked the driver to use devm. While at it, the i2c_set_clientdata was dropped along with the remove callback. Unfortunately other parts of the driver also rely on i2c clientdata so this causes kernel oops. Bring the call back to fix the driver.

CVSS 3.1 Base Score 5.5. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Overview

First reported 5 months ago

2024-08-26 11:15:00

Last updated 5 months ago

2024-09-05 17:53:00

Affected Software

Linux Kernel

References

https://git.kernel.org/stable/c/3c5d0871b0af0184abc6f7f52f8705b39a6251ae

https://git.kernel.org/stable/c/d3911f1639e67fc7b12aae0efa5a540976d7443b

https://git.kernel.org/stable/c/3c5d0871b0af0184abc6f7f52f8705b39a6251ae

Patch

https://git.kernel.org/stable/c/d3911f1639e67fc7b12aae0efa5a540976d7443b

Patch

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.