CVE-2022-49612
Published: Feb 26, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: power: supply: core: Fix boundary conditions in interpolation The functions power_supply_temp2resist_simple and power_supply_ocv2cap_simple handle boundary conditions incorrectly. The change was introduced in a4585ba2050f460f749bbaf2b67bd56c41e30283 ("power: supply: core: Use library interpolation"). There are two issues: First, the lines "high = i - 1" and "high = i" in ocv2cap have the wrong order compared to temp2resist. As a consequence, ocv2cap sets high=-1 if ocv>table[0].ocv, which causes an out-of-bounds read. Second, the logic of temp2resist is also not correct. Consider the case table[] = {{20, 100}, {10, 80}, {0, 60}}. For temp=5, we expect a resistance of 70% by interpolation. However, temp2resist sets high=low=2 and returns 60.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected a4585ba2050f460f749bbaf2b67bd56c41e30283 - < a762cee5d933fe4e2e1b773d60fc74fb8248d8c4affected a4585ba2050f460f749bbaf2b67bd56c41e30283 - < 093d27bb6f2d1963f927ef59c9a2d37059175426 |
Linux | Linux | affected 5.17unaffected 0 - < 5.17unaffected 5.18.13 - <= 5.18.*unaffected 5.19 - <= * |
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now