PT-2025-8545 · Linux+2 · Linux Kernel+2

Dorian Rudolph · Published 2022-06-09 · Updated 2025-02-27 · CVE-2022-49612

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A vulnerability has been identified in the power supply core of the Linux kernel. The functions power_supply_temp2resist_simple and power_supply_ocv2cap_simple handle boundary conditions incorrectly: their interpolation logic is wrong, which can lead to out-of-bounds reads. For instance, when the ocv value exceeds the first entry in the table, high is set to -1, causing an out-of-bounds access. In addition, the interpolation logic in temp2resist does not produce the expected results, as demonstrated by an example where a temperature of 5 should yield a resistance of 70% but instead returns 60.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
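
A user-space C model of the boundary handling the description refers to, added here as an illustration; it is not the kernel's code or its fix. The `struct point` layout, the names `unclamped_high` and `lookup`, and the sample table are assumptions constructed for this example.

```c
#include <stdio.h>

struct point { int x, y; };  /* x: temperature or OCV; y: resistance or capacity (%) */

/* Constructed sample table, sorted by descending x. */
static const struct point sample[] = { {20, 100}, {10, 80}, {0, 60} };

/* Model of the flaw: no boundary clamp, so x above entry 0 yields high == -1. */
static int unclamped_high(const struct point *t, int len, int x)
{
    int i;
    for (i = 0; i < len - 1; i++)
        if (x > t[i].x)
            break;
    return i - 1;  /* never dereferenced here; used as t[high] it reads before the table */
}

/* Hardened lookup: both indices stay inside [0, len - 1] before any table read. */
static int lookup(const struct point *t, int len, int x, int *out)
{
    int i, high, low;
    if (!t || len <= 0)
        return -1;                   /* reject an empty or missing table */
    for (i = 0; i < len; i++)
        if (x > t[i].x)
            break;
    if (i == 0)
        high = low = 0;              /* above the first entry: clamp to it */
    else if (i == len)
        high = low = len - 1;        /* at or below the last entry: clamp to it */
    else {
        high = i - 1;
        low = i;
    }
    *out = t[low].y;
    if (t[high].x != t[low].x)       /* interpolate only between distinct points */
        *out += (t[high].y - t[low].y) * (x - t[low].x) / (t[high].x - t[low].x);
    return 0;
}

int main(void)
{
    int out = 0;
    lookup(sample, 3, 5, &out);
    printf("x=25 unclamped high=%d, x=5 -> %d\n", unclamped_high(sample, 3, 25), out);
    return 0;
}
```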

Exploit

Out of bounds Read

Memory Corruption

Buffer Overflow

Weakness Enumeration

Related Identifiers

BDU:2026-03915
CVE-2022-49612
RHSA-2023:2458
RHSA-2023_2458

Affected Products

Astra Linux
Linux Kernel
Red Hat