Linux Kernel Thermal Cooling Device Registration Vulnerability

Vulnerability

A vulnerability in the Linux kernel's thermal subsystem has been addressed. The issue arose because the function put_device() was called before the device_register() function, which is not the correct order. This misstep occurred in thermal_cooling_device_register(), necessitating a correction. Additionally, the function thermal_cooling_device_destroy_sysfs() was being invoked unnecessarily in certain error scenarios. The vulnerability has been fixed by repositioning these function calls appropriately.

Impact

The vulnerability could lead to improper device management in the thermal subsystem, potentially causing issues with thermal regulation or device cooling functions.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Thermal Cooling Device Registration Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating