CVE Catalog

CVE-2026-45869

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.16%

6th percentile - higher than 6% of all known CVEs

Summary

In the Linux kernel, a NULL pointer dereference vulnerability was found in the wm97xx power supply driver. The issue occurs when an interrupt (IRQ) is registered before the power_supply structure is initialized, potentially leading to the use of an uninitialized pointer in the power_supply_changed() function.

Risk Assessment

An attacker could exploit this vulnerability to cause a system crash (kernel panic) by deliberately triggering an interrupt during a critical moment of driver initialization, leading to a denial of service (DoS).

Recommendation

Immediately update the Linux kernel to a version containing the fix that moves IRQ registration after the power_supply structure initialization. For embedded systems using this driver, apply the patch or update the BSP.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: power: supply: wm97xx: Fix NULL pointer dereference in power_supply_changed() In `probe()`, `request_irq()` is called before allocating/registering a `power_supply` handle. If an interrupt is fired between the call to `request_irq()` and `power_supply_register()`, the `power_supply` handle will be used uninitialized in `power_supply_changed()` in `wm97xx_bat_update()` (triggered from the interrupt handler). This will lead to a `NULL` pointer dereference since Fix this racy `NULL` pointer dereference by making sure the IRQ is requested _after_ the registration of the `power_supply` handle. Since the IRQ is the last thing requests in the `probe()` now, remove the error path for freeing it. Instead add one for unregistering the `power_supply` handle when IRQ request fails.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS