PT-2024-11089 · Linux · Linux Kernel

Subbaraman Narayanamurthy

·

Published

2021-05-10

·

Updated

2024-12-31

·

CVE-2021-46980

CVSS v3.1

7.1

High

Vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel, USB Type-C UCSI driver (drivers/usb/typec/ucsi); affected versions not specified on this page
Description The Linux kernel's USB Type-C Connector System Software Interface (UCSI) driver caches the Power Data Objects (PDOs) of a PD-capable source when it is attached. The UCSI MESSAGE_IN payload is 16 bytes and each PDO is 4 bytes, so a single GET_PDOS command returns at most 4 PDOs, and the driver issued only one such command; the USB PD specification, however, allows a source to advertise up to 7 PDOs. If the source advertises more than 4 PDOs and the Platform Policy Manager (PPM) negotiates a power contract using a PDO at object position 5, 6 or 7, the object position of the Request Data Object (RDO) returned by rdo_index() exceeds the 4-entry con->src_pdos array, and ucsi_psy_get_voltage_now() reads past the end of that array when it uses the index to look up the contract's PDO. The lookup runs whenever the connector's power_supply voltage_now property is queried (for example through sysfs), and the object position is supplied by the PPM and partner, not validated by the driver. The fix retrieves and stores up to the full 7 PDOs in con->src_pdos, which takes two GET_PDOS commands, the second starting at offset 4.
Recommendations Update to a kernel that carries the upstream fix "usb: typec: ucsi: Retrieve all the PDOs instead of just the first 4" (merged for Linux 5.13 and backported to stable branches); the SUSE and openSUSE security advisories listed under Related Identifiers ship patched kernels for this CVE. No fixed version is stated on this page beyond those advisories.
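The following is an added example written for this page, not the kernel's own code, that models the mechanism in the description: a simulated PPM advertising seven constructed PDOs, a GET_PDOS that can fill only one 16-byte MESSAGE_IN, the pre-fix single-call retrieval next to the two-call retrieval of the fix, and a bounds-checked version of the voltage lookup that reports where the unchecked kernel code read past src_pdos. The names sim_get_pdos, fetch_src_pdos_first4, fetch_src_pdos_all, voltage_with_first4 and voltage_with_all are this example's own; rdo_index() and the PDO/RDO bit positions follow the USB PD layout the kernel's helpers use.

```c
#include <stdint.h>
#include <stdio.h>

/* Sizes from the advisory: MESSAGE_IN is 16 bytes, a PDO is 4 bytes, so one
 * GET_PDOS carries at most 4 PDOs, while USB PD allows a source to offer 7. */
#define UCSI_MESSAGE_IN_LEN 16
#define PDO_SIZE            4
#define UCSI_PDOS_PER_MSG   (UCSI_MESSAGE_IN_LEN / PDO_SIZE)   /* 4 */
#define PD_MAX_PDOS         7

/* Fixed-supply PDO: voltage in 50 mV units at bits 19:10, current in 10 mA
 * units at bits 9:0. RDO: 1-based object position at bits 30:28. */
#define FIXED_PDO(mv, ma) ((((uint32_t)(mv) / 50) << 10) | ((uint32_t)(ma) / 10))
static unsigned pdo_fixed_voltage_mv(uint32_t pdo) { return ((pdo >> 10) & 0x3ff) * 50; }
static unsigned rdo_index(uint32_t rdo)            { return (rdo >> 28) & 0x7; }
static uint32_t rdo_for_pos(unsigned pos)          { return (uint32_t)(pos & 0x7) << 28; }

/* Constructed source capabilities: seven fixed PDOs, more than one message holds. */
static const uint32_t ppm_src_pdos[PD_MAX_PDOS] = {
    FIXED_PDO(5000, 3000),  FIXED_PDO(9000, 3000),  FIXED_PDO(12000, 3000),
    FIXED_PDO(15000, 3000), FIXED_PDO(20000, 3000), FIXED_PDO(28000, 3000),
    FIXED_PDO(36000, 3000),
};

/* Simulated GET_PDOS (hypothetical): copies at most 4 PDOs starting at
 * 'offset' into buf and returns the number of bytes placed in MESSAGE_IN. */
static int sim_get_pdos(unsigned offset, unsigned count, uint32_t *buf)
{
    unsigned n = 0;
    if (count > UCSI_PDOS_PER_MSG)
        count = UCSI_PDOS_PER_MSG;
    while (n < count && offset + n < PD_MAX_PDOS) {
        buf[n] = ppm_src_pdos[offset + n];
        n++;
    }
    return (int)(n * PDO_SIZE);
}

struct connector {
    uint32_t src_pdos[PD_MAX_PDOS];   /* sized for 7 as in the fixed driver */
    unsigned num_pdos;                /* how many entries are actually cached */
    uint32_t rdo;                     /* RDO of the negotiated contract */
};

/* Pre-fix behaviour: one GET_PDOS, so at most 4 PDOs are ever cached. */
static void fetch_src_pdos_first4(struct connector *con)
{
    con->num_pdos = sim_get_pdos(0, PD_MAX_PDOS, con->src_pdos) / PDO_SIZE;
}

/* Post-fix behaviour: a second GET_PDOS at offset 4 when the first came back full. */
static void fetch_src_pdos_all(struct connector *con)
{
    con->num_pdos = sim_get_pdos(0, UCSI_PDOS_PER_MSG, con->src_pdos) / PDO_SIZE;
    if (con->num_pdos < UCSI_PDOS_PER_MSG)
        return;
    con->num_pdos += sim_get_pdos(UCSI_PDOS_PER_MSG, PD_MAX_PDOS - UCSI_PDOS_PER_MSG,
                                  con->src_pdos + UCSI_PDOS_PER_MSG) / PDO_SIZE;
}

/* Contract voltage in mV. The original ucsi_psy_get_voltage_now() indexed
 * src_pdos[index - 1] without checking num_pdos; -1 marks the positions where
 * that read ran past the cached entries (CVE-2021-46980). */
static int get_voltage_now_mv(const struct connector *con)
{
    unsigned index = rdo_index(con->rdo);
    if (index == 0)
        return 0;                     /* no contract negotiated */
    if (index > con->num_pdos)
        return -1;                    /* the out-of-bounds read */
    return (int)pdo_fixed_voltage_mv(con->src_pdos[index - 1]);
}

/* Contract at 1-based object position 'pos', under each retrieval strategy. */
int voltage_with_first4(unsigned pos)
{
    struct connector con = { 0 };
    fetch_src_pdos_first4(&con);
    con.rdo = rdo_for_pos(pos);
    return get_voltage_now_mv(&con);
}

int voltage_with_all(unsigned pos)
{
    struct connector con = { 0 };
    fetch_src_pdos_all(&con);
    con.rdo = rdo_for_pos(pos);
    return get_voltage_now_mv(&con);
}

int main(void)
{
    for (unsigned pos = 1; pos <= PD_MAX_PDOS; pos++)
        printf("position %u: first-4 driver -> %6d mV   fixed driver -> %6d mV\n",
               pos, voltage_with_first4(pos), voltage_with_all(pos));
    return 0;
}
```

Positions 1 to 4 resolve under both strategies; positions 5 to 7 return -1 with the single-call driver, which is exactly where the unchecked kernel code indexed beyond its four cached PDOs, and resolve to the advertised voltage once the second GET_PDOS is issued.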

Weakness Enumeration

Out-of-bounds Read (CWE-125)

Related Identifiers

BDU:2025-02855
CVE-2021-46980
openSUSE-SU-2024:1489-1
SUSE-SU-2024:1465-1
SUSE-SU-2024:1489-1

Affected Products

Linux Kernel
SUSE