CVE-2022-50276

MEDIUM

Linux Kernel - Null Pointer Dereference in power_supply_get_battery_info

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: power: supply: fix null pointer dereferencing in power_supply_get_battery_info when kmalloc() fail to allocate memory in kasprintf(), propname will be NULL, strcmp() called by of_get_property() will cause null pointer dereference. So return ENOMEM if kasprintf() return NULL pointer.

References (6)

Core 6

Core References

Patch

https://git.kernel.org/stable/c/8ea68b4e3fa9392ef9dae303abc8735a033c280f

Patch

https://git.kernel.org/stable/c/5beadb55f4e36fafe5d6df5dcd5f85d803f3f134

Patch

https://git.kernel.org/stable/c/d21534ab4fd7883e1c8037a76671d4e8b6ea14cb

Patch

https://git.kernel.org/stable/c/279af90e65cbdb3e5c4519b0043324d7876bc5ec

Patch

https://git.kernel.org/stable/c/b8131efb89d9f837c9244f900f0fc2699fd1181d

Patch

https://git.kernel.org/stable/c/104bb8a663451404a26331263ce5b96c34504049

Scores

CVSS v3 5.5

EPSS 0.0014

EPSS Percentile 4.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-476

Status published

Products (20)

linux/Kernel 5.0.0 - 5.4.229linux

linux/Kernel 5.11.0 - 5.15.86linux

linux/Kernel 5.16.0 - 6.0.16linux

linux/Kernel 5.5.0 - 5.10.163linux

linux/Kernel 6.1.0 - 6.1.2linux

Linux/Linux < 5.0

Linux/Linux 3afb50d7125bcdbf71df843134e96ceffc78c8b8 - 104bb8a663451404a26331263ce5b96c34504049

Linux/Linux 3afb50d7125bcdbf71df843134e96ceffc78c8b8 - 279af90e65cbdb3e5c4519b0043324d7876bc5ec

Linux/Linux 3afb50d7125bcdbf71df843134e96ceffc78c8b8 - 5beadb55f4e36fafe5d6df5dcd5f85d803f3f134

Linux/Linux 3afb50d7125bcdbf71df843134e96ceffc78c8b8 - 8ea68b4e3fa9392ef9dae303abc8735a033c280f

... and 10 more

Published Sep 15, 2025

Tracked Since Feb 18, 2026