CVE-2024-57792

In the Linux kernel, the following vulnerability has been resolved: power: supply: gpio-charger: Fix set charge current limits Fix set charge current limits for devices which allow to set the lowest charge current limit to be greater zero. If requested charge current limit is below lowest limit, the index equals current_limit_map_size which leads to accessing memory beyond allocated memory.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/13eb3cae1d8e23cce96c095abe34da8028c09ac5	Patch
https://git.kernel.org/stable/c/6abbbd8286b6f944eecf3c74444c138590135211	Patch
https://git.kernel.org/stable/c/afc6e39e824ad0e44b2af50a97885caec8d213d1	Patch
https://git.kernel.org/stable/c/b29c7783ac1fe36d639c089cf471ac7a46df05f0	Patch
https://git.kernel.org/stable/c/c3703d9340ca2820e1ac63256f4b423ea8559831	Patch
https://git.kernel.org/stable/c/f6279a98db132da0cfff18712a1b06478c32007f	Patch
https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc4::::::

History

03 Nov 2025, 21:18

Type	Values Removed	Values Added
References		() https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html - () https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html -

16 Oct 2025, 17:26

Type	Values Removed	Values Added
References	~~() https://git.kernel.org/stable/c/13eb3cae1d8e23cce96c095abe34da8028c09ac5 -~~	() https://git.kernel.org/stable/c/13eb3cae1d8e23cce96c095abe34da8028c09ac5 - Patch
References	~~() https://git.kernel.org/stable/c/6abbbd8286b6f944eecf3c74444c138590135211 -~~	() https://git.kernel.org/stable/c/6abbbd8286b6f944eecf3c74444c138590135211 - Patch
References	~~() https://git.kernel.org/stable/c/afc6e39e824ad0e44b2af50a97885caec8d213d1 -~~	() https://git.kernel.org/stable/c/afc6e39e824ad0e44b2af50a97885caec8d213d1 - Patch
References	~~() https://git.kernel.org/stable/c/b29c7783ac1fe36d639c089cf471ac7a46df05f0 -~~	() https://git.kernel.org/stable/c/b29c7783ac1fe36d639c089cf471ac7a46df05f0 - Patch
References	~~() https://git.kernel.org/stable/c/c3703d9340ca2820e1ac63256f4b423ea8559831 -~~	() https://git.kernel.org/stable/c/c3703d9340ca2820e1ac63256f4b423ea8559831 - Patch
References	~~() https://git.kernel.org/stable/c/f6279a98db132da0cfff18712a1b06478c32007f -~~	() https://git.kernel.org/stable/c/f6279a98db132da0cfff18712a1b06478c32007f - Patch
First Time		Linux Linux linux Kernel
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.8
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: power: supply: gpio-charger: Fix set charge current limits Fix set charge current limits for devices which allow to set the lowest charge current limit to be mayor que cero. Si el límite de corriente de carga solicitado es inferior al límite inferior, el índice es igual a current_limit_map_size, lo que provoca el acceso a la memoria más allá de la memoria asignada.
CPE		cpe:2.3:o:linux:linux_kernel:6.13:rc4:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc3:::::: cpe:2.3:o:linux:linux_kernel::::::::
CWE		NVD-CWE-Other

11 Jan 2025, 13:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-11 13:15

Updated : 2025-11-03 21:18

NVD link : CVE-2024-57792

Mitre link : CVE-2024-57792

CVE.ORG link : CVE-2024-57792

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-Other

7.8 /10