CVE-2024-57792
Published: January 13, 2025Last modified: January 13, 2025
Description
In the Linux kernel, the following vulnerability has been resolved: power: supply: gpio-charger: Fix set charge current limits Fix set charge current limits for devices which allow to set the lowest charge current limit to be greater zero. If requested charge current limit is below lowest limit, the index equals current_limit_map_size which leads to accessing memory beyond allocated memory.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 7.8 |
| Attack Vector | LOCAL |
| Attack complexity | LOW |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity impact | HIGH |
| Availability impact | HIGH |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | linux-lts | Fixed (6.1.124-r0) |
| 25 LTS | linux-lts | Fixed (6.12.41-r0) | |
| Stream | linux-lts | Fixed (6.12.41-r0) |
References
- https://git.kernel.org/stable/c/13eb3cae1d8e23cce96c095abe34da8028c09ac5
- https://git.kernel.org/stable/c/6abbbd8286b6f944eecf3c74444c138590135211
- https://git.kernel.org/stable/c/afc6e39e824ad0e44b2af50a97885caec8d213d1
- https://git.kernel.org/stable/c/b29c7783ac1fe36d639c089cf471ac7a46df05f0
- https://git.kernel.org/stable/c/c3703d9340ca2820e1ac63256f4b423ea8559831
- https://git.kernel.org/stable/c/f6279a98db132da0cfff18712a1b06478c32007f