CVE-2026-45869
Published: May 27, 2026
Modified: May 27, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: power: supply: wm97xx: Fix NULL pointer dereference in power_supply_changed() In `probe()`, `request_irq()` is called before allocating/registering a `power_supply` handle. If an interrupt is fired between the call to `request_irq()` and `power_supply_register()`, the `power_supply` handle will be used uninitialized in `power_supply_changed()` in `wm97xx_bat_update()` (triggered from the interrupt handler). This will lead to a `NULL` pointer dereference since Fix this racy `NULL` pointer dereference by making sure the IRQ is requested _after_ the registration of the `power_supply` handle. Since the IRQ is the last thing requests in the `probe()` now, remove the error path for freeing it. Instead add one for unregistering the `power_supply` handle when IRQ request fails.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 7c87942aef52d2120e95ff1dec739998b9f95a78 - < 3d7b5391bb95505b3581c1fb77150c467ab92864affected 7c87942aef52d2120e95ff1dec739998b9f95a78 - < 438f9a303ea8b55162b2d5376490c2ab3ec165a0affected 7c87942aef52d2120e95ff1dec739998b9f95a78 - < 9b7d77cb046b4487e8e511e04e62b6f416ce845caffected 7c87942aef52d2120e95ff1dec739998b9f95a78 - < 86183153c299e8bb1839e717286d6c6f39508a59affected 7c87942aef52d2120e95ff1dec739998b9f95a78 - < 93bdf715d33cf5ee01c58e8546c2469c71ce082a+3 more versions |
Linux | Linux | affected 2.6.32unaffected 0 - < 2.6.32unaffected 5.10.252 - <= 5.10.*unaffected 5.15.202 - <= 5.15.*unaffected 6.1.165 - <= 6.1.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now