CVE-2023-52765

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the Qualcomm SPMI PMIC revid implementation, which is broken in multiple ways. It assumes a sibling base device is bound to a driver after registration, potentially triggering a NULL-pointer dereference. The implementation also accesses driver data directly without locking, allowing the data to be freed during access, and leaks a struct device reference. This could lead to a denial of service. The revid lookup has been reimplemented to fix these issues, doing the lookup only at the probe of the PMIC device.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.