CVE-2023-54079

In the Linux kernel, the following vulnerability has been resolved:

power: supply: bq27xxx: Fix poll_interval handling and races on remove

Before this patch bq27xxx_battery_teardown() was setting poll_interval = 0
to avoid bq27xxx_battery_update() requeuing the delayed_work item.

There are 2 problems with this:

1. If the driver is unbound through sysfs, rather than the module being
   rmmod-ed, this changes poll_interval unexpectedly

2. This is racy, after it being set poll_interval could be changed
   before bq27xxx_battery_update() checks it through
   /sys/module/bq27xxx_battery/parameters/poll_interval

Fix this by adding a removed attribute to struct bq27xxx_device_info and
using that instead of setting poll_interval to 0.

There also is another poll_interval related race on remove(), writing
/sys/module/bq27xxx_battery/parameters/poll_interval will requeue
the delayed_work item for all devices on the bq27xxx_battery_devices
list and the device being removed was only removed from that list
after cancelling the delayed_work item.

Fix this by moving the removal from the bq27xxx_battery_devices list
to before cancelling the delayed_work item.
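
The two remove() races and the fix described above, as an added example that is not the kernel's code: a single-threaded userspace C model in which the `race` argument chooses where the concurrent poll_interval write lands. The struct fields, function names and the value 360 are assumptions made for the model.

```c
/* Userspace model of the remove() races (added example, not kernel code). */
#include <stdbool.h>
#include <stdio.h>

struct dev { bool on_list, removed, queued; };  /* queued: delayed_work pending */
static unsigned int poll_interval;              /* models the module parameter */

/* Models the requeue decision in bq27xxx_battery_update(). */
static void update(struct dev *d, bool fixed)
{
    if (fixed && d->removed)
        return;                     /* fixed driver: per-device flag wins */
    if (poll_interval > 0)
        d->queued = true;
}

/* Models a write to parameters/poll_interval: requeues every listed device. */
static void param_write(struct dev *d, unsigned int val)
{
    poll_interval = val;
    if (d->on_list)
        d->queued = true;
}

enum race { NONE, WRITE_THEN_UPDATE, WRITE_AFTER_CANCEL };

/* Runs one teardown; returns true if work is still queued afterwards. */
static bool teardown_leaves_work(bool fixed, enum race r)
{
    struct dev d = { .on_list = true, .queued = true };
    poll_interval = 360;                                 /* illustrative value */
    if (fixed) { d.on_list = false; d.removed = true; }  /* unlist + flag first */
    else poll_interval = 0;                              /* old: global side effect */
    if (r == WRITE_THEN_UPDATE) param_write(&d, 360);    /* value restored via sysfs */
    d.queued = false;                                    /* cancel the delayed_work */
    if (r == WRITE_THEN_UPDATE) update(&d, fixed);       /* late update sees 360 */
    if (r == WRITE_AFTER_CANCEL) param_write(&d, 360);   /* old: still on the list */
    d.on_list = false;                                   /* old: unlisted only now */
    return d.queued;
}

int main(void)
{
    for (int fixed = 0; fixed <= 1; fixed++)
        for (int r = NONE; r <= WRITE_AFTER_CANCEL; r++) {
            bool pending = teardown_leaves_work(fixed, (enum race)r);
            printf("fixed=%d race=%d pending=%d poll_interval=%u\n", fixed, r, pending, poll_interval);
        }
    return 0;
}
```

In the model, the old ordering leaves work queued in both race cases and also ends the no-race case with poll_interval at 0; the fixed ordering does neither.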

Data provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).

Vendor: Linux
Product: Linux
Default status: unaffected

| Version | Less than | Status |
|---|---|---|
| 8cfaaa811894a3ae2d7360a15a6cfccff3ebc7db | 4c9615474fb0a41cfad658d78db3c9ec70912969 | affected |
| 8cfaaa811894a3ae2d7360a15a6cfccff3ebc7db | 465d919151a1e8d40daf366b868914f59d073211 | affected |
| 8cfaaa811894a3ae2d7360a15a6cfccff3ebc7db | 0c5f4cec759679c290720fbcf6bb81768e21c95b | affected |
| 8cfaaa811894a3ae2d7360a15a6cfccff3ebc7db | e85757da9091998276ff21a13915ac25229cc232 | affected |
| 8cfaaa811894a3ae2d7360a15a6cfccff3ebc7db | e98e5bebfcafc75a7b41192a607dfea5c1268afa | affected |
| 8cfaaa811894a3ae2d7360a15a6cfccff3ebc7db | d952a1eaafcc5f0351caad5dbe9b5b3300d1d529 | affected |
| 8cfaaa811894a3ae2d7360a15a6cfccff3ebc7db | b12faeca0e819ea09051a705fef9df7ea7e9e18c | affected |
| 8cfaaa811894a3ae2d7360a15a6cfccff3ebc7db | c00bc80462afc7963f449d7f21d896d2f629cacc | affected |

Vendor: Linux
Product: Linux
Default status: affected

| Version | Range bound | Status |
|---|---|---|
| 3.3 | | affected |
| 0 | < 3.3 | unaffected |
| 4.14.316 | <= 4.14.* | unaffected |
| 4.19.284 | <= 4.19.* | unaffected |
| 5.4.244 | <= 5.4.* | unaffected |
| 5.10.181 | <= 5.10.* | unaffected |
| 5.15.114 | <= 5.15.* | unaffected |
| 6.1.31 | <= 6.1.* | unaffected |
| 6.3.5 | <= 6.3.* | unaffected |
| 6.4 | <= * | unaffected |

No CISA KEV or CERT.AT warning was found for this CVE.

EPSS metrics

| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.1 |

CVSS metrics

| Source | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|

No CWE information has been published yet.