David Collins

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a NULL pointer dereference in the thermal component of the Linux kernel. Specifically, when a thermal zone is consuming a thermal sensor and that sensor device hasn't probed yet, attempting to set `trip point * temp` for that thermal zone device can cause a NULL pointer dereference. This can lead to a kernel crash. The functions `of thermal set trip temp`, `of thermal get temp`, `of thermal set emul temp`, and `of thermal get trend` are affected. The vulnerability can be triggered by setting `trip point * temp` via the `/sys/class/thermal/thermal zone87` interface. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.