PT-2025-3574 · Linux+6 · Linux Kernel+6
Dimitri Fedrau · Published 2024-12-09 · Updated 2025-05-29 · CVE-2024-57792
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.6.74
Description
The issue is in the power supply component, specifically the gpio-charger, in the handling of set charge current limits. If the requested charge current limit is below the lowest limit, the index equals the current limit map size, which can lead to accessing memory beyond the allocated memory.
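The off-by-one described above, as an added user-space example that is not the kernel's code or the actual patch: a search over a limit map that returns an index equal to the map size when the request is below every entry, next to a lookup that validates the index first. The struct, the function names, the sample values, the descending sort order and the fallback to the lowest limit are all assumptions of this example.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical model of one entry in a charge current limit map. */
struct limit_entry {
    unsigned int limit_ua;   /* charge current limit in microamps */
    unsigned int gpio_bits;  /* GPIO pattern selecting that limit */
};

/* Constructed sample map, assumed sorted from highest to lowest limit. */
static const struct limit_entry sample_map[] = {
    { 700000, 0x3 }, { 500000, 0x2 }, { 100000, 0x1 },
};
#define SAMPLE_MAP_SIZE (sizeof(sample_map) / sizeof(sample_map[0]))

/* Finds the first entry that does not exceed the request. If the request
 * is below every entry the loop runs to the end and returns n, which is
 * one past the last valid index: using it on map[] reads out of bounds. */
static size_t find_index_unchecked(const struct limit_entry *map, size_t n,
                                   unsigned int requested_ua)
{
    size_t i;
    for (i = 0; i < n; i++)
        if (map[i].limit_ua <= requested_ua)
            break;
    return i;
}

/* Hardened lookup: the index is checked against n before it touches map[].
 * Falling back to the lowest limit is an assumption of this example. */
static const struct limit_entry *
lookup_checked(const struct limit_entry *map, size_t n, unsigned int requested_ua)
{
    size_t i;
    if (n == 0)
        return NULL;            /* empty map: nothing valid to return */
    i = find_index_unchecked(map, n, requested_ua);
    if (i >= n)
        i = n - 1;              /* clamp to the last (lowest) entry */
    return &map[i];
}

int main(void)
{
    size_t i = find_index_unchecked(sample_map, SAMPLE_MAP_SIZE, 50000);
    const struct limit_entry *e = lookup_checked(sample_map, SAMPLE_MAP_SIZE, 50000);
    printf("unchecked index %zu of %zu, checked limit %u uA\n",
           i, (size_t)SAMPLE_MAP_SIZE, e->limit_ua);
    return 0;
}
```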
Recommendations
For versions prior to 6.6.74, update to version 6.6.74 or later to resolve the issue. As a temporary workaround, consider restricting the use of the gpio-charger component until a patch is available. Avoid setting charge current limits below the lowest allowed limit to minimize the risk of exploitation.
Exploit
Fix
Allocation of Resources Without Limits
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu