CVE-2022-49944

MEDIUM

5.5

Description

In the Linux kernel, the following vulnerability has been resolved: Revert "usb: typec: ucsi: add a common function ucsi_unregister_connectors()" The recent commit 87d0e2f41b8c ("usb: typec: ucsi: add a common function ucsi_unregister_connectors()") introduced a regression that caused NULL dereference at reading the power supply sysfs. It's a stale sysfs entry that should have been removed but remains with NULL ops. The commit changed the error handling to skip the entries after a NULL con->wq, and this leaves the power device unreleased. For addressing the regression, the straight revert is applied here. Further code improvements can be done from the scratch again.

CVE Details

CVSS v3.1 Score5.5

SeverityMEDIUM

CVSS VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack VectorLOCAL

ComplexityLOW

Privileges RequiredLOW

User InteractionNONE

Published6/18/2025

Last Modified11/14/2025

Sourcenvd

Honeypot Sightings0

Affected Products

linux:linux_kernel

Weaknesses (CWE)

CWE-476

References

https://git.kernel.org/stable/c/3d4044c9e6d2e3f11f1f8b5e0ee8647d3eb1afad(416baaa9-dc9f-4396-8d5f-8c081fb06d67)

https://git.kernel.org/stable/c/5f73aa2cf8bef4a39baa1591c3144ede4788826e(416baaa9-dc9f-4396-8d5f-8c081fb06d67)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.