Volerion logoVolerion
Volerion logoVolerion

Linux Kernel Null Pointer Dereference Vulnerability in CW2015 Battery Driver

Vulnerability

A null pointer dereference vulnerability has been identified in the Linux kernel's CW2015 battery driver. The issue arises in the 'cw_bat_probe' function, which calls 'create_singlethread_workqueue' without checking the return value. If this function fails, it can lead to a null pointer dereference when the code attempts to access the workqueue flags. The vulnerability affects the Linux kernel stable tree.

Impact

Exploitation of this vulnerability leads to a null pointer dereference, causing a kernel crash.

Reproduction

The vulnerability can be reproduced by loading the CW2015 battery driver into the Linux kernel. The 'cw_bat_probe' function will be executed, where the 'create_singlethread_workqueue' call will fail, returning a NULL value. The subsequent attempt to queue delayed work will then access the NULL workqueue pointer, leading to a null pointer dereference.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed.

Added: Dec 9, 2025, 2:32 AM
Updated: Dec 9, 2025, 2:32 AM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
2.5
exploitability
4.3
remediation
7.7
relevance
1.3
threat
4.8
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.