CVE-2023-53310 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: power: supply: axp288_fuel_gauge: Fix external_power_changed race fuel_gauge_external_power_changed() dereferences info->bat, which gets sets in axp288_fuel_gauge_probe() like this: info->bat = devm_power_supply_register(dev, &fuel_gauge_desc, &psy_cfg); As soon as devm_power_supply_register() has called device_add() the external_power_changed callback can get called. So there is a window where fuel_gauge_external_power_changed() may get called while info->bat has not been set yet leading to a NULL pointer dereference. Fixing this is easy. The external_power_changed callback gets passed the power_supply which will eventually get stored in info->bat, so fuel_gauge_external_power_changed() can simply directly use the passed in psy argument which is always valid.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/0456b912121e45b3ef54abe3135e5dcb541f956c
https://git.kernel.org/stable/c/a636c6ba9ce898207f283271cb28511206ab739b
https://git.kernel.org/stable/c/f8319774d6f1567d6e7d03653174ab0c82c5c66d
https://lore.kernel.org/linux-cve-announce/2025091642-CVE-2023-53310-8d40@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2023-53310
https://www.cve.org/CVERecord?id=CVE-2023-53310

History

Wed, 17 Sep 2025 00:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025091642-CVE-2023-53310-8d40@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2023-53310 https://www.cve.org/CVERecord?id=CVE-2023-53310
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Moderate`

Tue, 16 Sep 2025 16:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: power: supply: axp288_fuel_gauge: Fix external_power_changed race fuel_gauge_external_power_changed() dereferences info->bat, which gets sets in axp288_fuel_gauge_probe() like this: info->bat = devm_power_supply_register(dev, &fuel_gauge_desc, &psy_cfg); As soon as devm_power_supply_register() has called device_add() the external_power_changed callback can get called. So there is a window where fuel_gauge_external_power_changed() may get called while info->bat has not been set yet leading to a NULL pointer dereference. Fixing this is easy. The external_power_changed callback gets passed the power_supply which will eventually get stored in info->bat, so fuel_gauge_external_power_changed() can simply directly use the passed in psy argument which is always valid.
Title		power: supply: axp288_fuel_gauge: Fix external_power_changed race
References		https://git.kernel.org/stable/c/0456b912121e45b3ef54abe3135e5dcb541f956c https://git.kernel.org/stable/c/a636c6ba9ce898207f283271cb28511206ab739b https://git.kernel.org/stable/c/f8319774d6f1567d6e7d03653174ab0c82c5c66d

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-09-16T16:11:48.399Z

Updated: 2025-09-16T16:11:48.399Z

Reserved: 2025-09-16T16:08:59.562Z

Link: CVE-2023-53310

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-09-16T17:15:36.847

Modified: 2025-09-16T17:15:36.847

Link: CVE-2023-53310

Redhat

Severity : Moderate

Publid Date: 2025-09-16T00:00:00Z

Links: CVE-2023-53310 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object