Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In the Linux kernel, the following vulnerability has been resolved:hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure fieldIf driver read val value sufficient for(val & 0x08) && (!(val & 0x80)) && ((val & 0x7) == ((val >> 4) & 0x7))from device then Null pointer dereference occurs.(It is possible if tmp = 0b0xyz1xyz, where same literals mean same numbers)Also lm75[] does not serve a purpose anymore after switching todevm_i2c_new_dummy_device() in w83791d_detect_subclients().The patch fixes possible NULL pointer dereference by removing lm75[].Found by Linux Driver Verification project (linuxtesting.org).[groeck: Dropped unnecessary continuation lines, fixed multipline alignment]
No PoCs from references.
- https://github.com/ARPSyndicate/cve-scores