Li Zetao

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 6.12.0-rc2+ **Description** A null pointer dereference issue was found in the Linux kernel when using sysfs to dynamically register an i2c device. The issue occurs because the probe process of ts2020 needs to use platform data, but no platform data is available when using sysfs. This results in a null pointer being accessed. The issue was reported by KASAN when executing the command `# echo ts2020 0x20 > /sys/bus/i2c/devices/i2c-0/new device`. The `ts2020 probe()` function is vulnerable to this issue. **Recommendations** To resolve this issue, add checks to the platform data in the `ts2020 probe()` function to prevent null pointer dereferences. As a temporary workaround, consider disabling the `ts2020 probe()` function until a patch is available. Restrict access to the vulnerable `ts2020` module to minimize the risk of exploitation. Avoid using the `sysfs` interface to dynamically register i2c devices until the issue is resolved. Update to a version of the Linux kernel that includes the fix for this issue.