CVE-2024-27412Linux vulnerability

30 documents8 sources
Severity
5.5MEDIUMNVD
OSV7.8OSV7.0OSV6.5
EPSS
0.0%
top 94.63%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
LinuxLinux KernelDebian Linux+1 more
Timeline
PublishedMay 17
Latest updateAug 14

Description

In the Linux kernel, the following vulnerability has been resolved: power: supply: bq27xxx-i2c: Do not free non existing IRQ The bq27xxx i2c-client may not have an IRQ, in which case client->irq will be 0. bq27xxx_battery_i2c_probe() already has an if (client->irq) check wrapping the request_threaded_irq(). But bq27xxx_battery_i2c_remove() unconditionally calls free_irq(client->irq) leading to: [ 190.310742] ------------[ cut here ]------------ [ 190.310843] Trying to free already-free IRQ 0

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages5 packages

NVDlinux/linux_kernel4.14.3164.15+10
Debianlinux/linux_kernel< 5.10.216-1+3
Ubuntulinux/linux_kernel< 5.4.0-186.206+1
CVEListV5linux/linux76d2ed844def0cb8704d766924b07b2a918b3e30d4d813c0a14d6bf52d810a55db06a2e7e3d98eaa+10
debiandebian/linux< linux 6.1.82-1 (bookworm)

Also affects: Debian Linux 10.0

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

14
OSV
linux-raspi vulnerabilities2024-07-26
OSV
linux-ibm-5.15 vulnerabilities2024-07-10
OSV
linux-hwe-5.15 vulnerabilities2024-07-04
OSV
linux-bluefield, linux-iot vulnerabilities2024-07-03
OSV
linux-azure, linux-azure-fde vulnerabilities2024-06-14

📋Vendor Advisories

14
CISA ICS
Siemens SINEC OS2025-08-14
Ubuntu
Linux kernel vulnerabilities2024-07-26
Ubuntu
Linux kernel (IBM) vulnerabilities2024-07-10
Ubuntu
Linux kernel (HWE) vulnerabilities2024-07-04
Ubuntu
Linux kernel (Azure) vulnerabilities2024-06-14

💬Community

1
Bugzilla
CVE-2024-27412 kernel: power: supply: bq27xxx-i2c: Do not free non existing IRQ2024-05-17