CVE-2022-49944

MEDIUM

5.5

Descripcion

In the Linux kernel, the following vulnerability has been resolved: Revert "usb: typec: ucsi: add a common function ucsi_unregister_connectors()" The recent commit 87d0e2f41b8c ("usb: typec: ucsi: add a common function ucsi_unregister_connectors()") introduced a regression that caused NULL dereference at reading the power supply sysfs. It's a stale sysfs entry that should have been removed but remains with NULL ops. The commit changed the error handling to skip the entries after a NULL con->wq, and this leaves the power device unreleased. For addressing the regression, the straight revert is applied here. Further code improvements can be done from the scratch again.

Detalles CVE

Puntuacion CVSS v3.15.5

SeveridadMEDIUM

Vector CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Vector de ataqueLOCAL

ComplejidadLOW

Privilegios requeridosLOW

Interaccion usuarioNONE

Publicado6/18/2025

Ultima modificacion11/14/2025

Fuentenvd

Avistamientos honeypot0

Productos afectados

linux:linux_kernel

Debilidades (CWE)

CWE-476

Referencias

https://git.kernel.org/stable/c/3d4044c9e6d2e3f11f1f8b5e0ee8647d3eb1afad(416baaa9-dc9f-4396-8d5f-8c081fb06d67)

https://git.kernel.org/stable/c/5f73aa2cf8bef4a39baa1591c3144ede4788826e(416baaa9-dc9f-4396-8d5f-8c081fb06d67)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.