Paweł Marciniak

**Name of the Vulnerable Software and Affected Versions** Linux kernel version 5.16.2-200.fc35.x86 64 **Description** The issue is related to a NULL pointer dereference in the Linux kernel, specifically in the hwmon component. This occurs when the `clear caseopen()` function is called with the wrong device type, leading to a crash. The problem arises because the device passed to `clear caseopen()` is the hwmon device, not the platform device, and the platform data is not set in the hwmon device. To resolve this, the pointer to `sio data` should be stored in the `struct nct6775 data` and retrieved from there when needed. **Recommendations** To fix the issue, update the Linux kernel to a version where this vulnerability has been resolved. Ensure that the `sio data` pointer is correctly stored in the `struct nct6775 data` to prevent the NULL pointer dereference. As a temporary workaround, consider disabling the `clear caseopen()` function until a patch is available.