SB20250916184 - NULL pointer dereference in Linux kernel power supply driver
Published: September 16, 2025 Updated: September 22, 2025
Security Bulletin ID
SB20250916184
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) NULL pointer dereference (CVE-ID: CVE-2022-50276)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the power_supply_get_battery_info() function in drivers/power/supply/power_supply_core.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/104bb8a663451404a26331263ce5b96c34504049
- https://git.kernel.org/stable/c/279af90e65cbdb3e5c4519b0043324d7876bc5ec
- https://git.kernel.org/stable/c/5beadb55f4e36fafe5d6df5dcd5f85d803f3f134
- https://git.kernel.org/stable/c/8ea68b4e3fa9392ef9dae303abc8735a033c280f
- https://git.kernel.org/stable/c/b8131efb89d9f837c9244f900f0fc2699fd1181d
- https://git.kernel.org/stable/c/d21534ab4fd7883e1c8037a76671d4e8b6ea14cb
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.86