Volerion logoVolerion
Volerion logoVolerion

Linux Kernel Power Supply CPCAP Charger Null Pointer Dereference Vulnerability

Vulnerability

A vulnerability in the Linux kernel's power supply CPCAP charger driver could lead to a null pointer dereference. The issue arises in the 'cpcap_usb_detect()' function, where the 'power_supply_get_by_name()' function may return NULL instead of an error pointer. This vulnerability affects the Linux kernel stable tree.

Impact

Exploitation of this vulnerability can lead to a null pointer dereference, causing a potential denial of service by crashing the system or application that uses the affected driver.

Reproduction

The vulnerability can be reproduced by invoking the 'cpcap_usb_detect()' function in the power supply CPCAP charger driver. This function will attempt to retrieve the battery power supply information. If the 'power_supply_get_by_name()' function returns NULL, the driver will not handle this correctly, leading to a null pointer dereference.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.

Added: Aug 22, 2025, 5:12 PM
Updated: Aug 22, 2025, 5:12 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
2.5
exploitability
4.3
remediation
7.7
relevance
0.4
threat
4.8
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.