CVE-2024-57792

power: supply: gpio-charger: Fix set charge current limits

Severity Score

5.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: power: supply: gpio-charger: Fix set charge current limits Fix set charge current limits for devices which allow to set the lowest
charge current limit to be greater zero. If requested charge current limit
is below lowest limit, the index equals current_limit_map_size which leads
to accessing memory beyond allocated memory.

In the Linux kernel, the following vulnerability has been resolved: power: supply: gpio-charger: Fix set charge current limits Fix set charge current limits for devices which allow to set the lowest charge current limit to be greater zero. If requested charge current limit is below lowest limit, the index equals current_limit_map_size which leads to accessing memory beyond allocated memory.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2025-01-11 CVE Reserved
2025-01-11 CVE Published
2025-01-11 CVE Updated
---------- EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (7)

URL	Tag	Source
https://git.kernel.org/stable/c/be2919d8355e4651386ad2fb61ddb6efe4533b1b	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/b29c7783ac1fe36d639c089cf471ac7a46df05f0	2025-01-09
https://git.kernel.org/stable/c/c3703d9340ca2820e1ac63256f4b423ea8559831	2025-01-09
https://git.kernel.org/stable/c/6abbbd8286b6f944eecf3c74444c138590135211	2025-01-02
https://git.kernel.org/stable/c/13eb3cae1d8e23cce96c095abe34da8028c09ac5	2025-01-02
https://git.kernel.org/stable/c/f6279a98db132da0cfff18712a1b06478c32007f	2025-01-02
https://git.kernel.org/stable/c/afc6e39e824ad0e44b2af50a97885caec8d213d1	2024-12-10

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.10 < 5.10.233 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10 < 5.10.233"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.10 < 5.15.176 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10 < 5.15.176"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.10 < 6.1.123 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10 < 6.1.123"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.10 < 6.6.69 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10 < 6.6.69"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.10 < 6.12.8 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10 < 6.12.8"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.10 < 6.13-rc5 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10 < 6.13-rc5"		en		Affected