Memory Access Issue in Linux Kernel's GPIO Charger Component
CVE-2024-57792

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 11 January 2025

Summary

A vulnerability in the Linux kernel's gpio-charger driver has been identified that may allow for incorrect memory access when setting charge current limits. Specifically, if a requested charge current limit is set below the minimum allowable threshold, it could lead to accessing memory beyond the allocated bounds. This issue, if exploited, could result in unpredictable behavior or system instability. Proper handling of charge current parameters is essential to mitigate potential risks.

Affected Version(s)

Linux be2919d8355e4651386ad2fb61ddb6efe4533b1b

Linux be2919d8355e4651386ad2fb61ddb6efe4533b1b < 6abbbd8286b6f944eecf3c74444c138590135211

References

https://git.kernel.org/stable/c/b29c7783ac1fe36d639c089cf...

https://git.kernel.org/stable/c/c3703d9340ca2820e1ac63256...

https://git.kernel.org/stable/c/6abbbd8286b6f944eecf3c744...

Timeline

Vulnerability published
Jan 11, 2025
Vulnerability Reserved
Jan 11, 2025