{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-49955", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-10-21T12:17:06.047Z", "datePublished": "2024-10-21T18:02:09.707Z", "dateUpdated": "2024-11-08T15:57:24.081Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-08T15:57:24.081Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: battery: Fix possible crash when unregistering a battery hook\n\nWhen a battery hook returns an error when adding a new battery, then\nthe battery hook is automatically unregistered.\nHowever the battery hook provider cannot know that, so it will later\ncall battery_hook_unregister() on the already unregistered battery\nhook, resulting in a crash.\n\nFix this by using the list head to mark already unregistered battery\nhooks as already being unregistered so that they can be ignored by\nbattery_hook_unregister()."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/acpi/battery.c"], "versions": [{"version": "fa93854f7a7e", "lessThan": "76fb2cbf0157", "status": "affected", "versionType": "git"}, {"version": "fa93854f7a7e", "lessThan": "c47843a831e0", "status": "affected", "versionType": "git"}, {"version": "fa93854f7a7e", "lessThan": "da964de4c181", "status": "affected", "versionType": "git"}, {"version": "fa93854f7a7e", "lessThan": "07b98400cb02", "status": "affected", "versionType": "git"}, {"version": "fa93854f7a7e", "lessThan": "ca1fb7942a28", "status": "affected", "versionType": "git"}, {"version": "fa93854f7a7e", "lessThan": "ce31847f109c", "status": "affected", "versionType": "git"}, {"version": "fa93854f7a7e", "lessThan": "ca26e8eed9c1", "status": "affected", "versionType": "git"}, {"version": "fa93854f7a7e", "lessThan": "9f469ef1c79d", "status": "affected", "versionType": "git"}, {"version": "fa93854f7a7e", "lessThan": "76959aff14a0", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/acpi/battery.c"], "versions": [{"version": "4.17", "status": "affected"}, {"version": "0", "lessThan": "4.17", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.323", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.285", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.227", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.168", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.113", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.55", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10.14", "lessThanOrEqual": "6.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.11.3", "lessThanOrEqual": "6.11.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12-rc2", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/76fb2cbf01571926da8ecf6876cc8cb07d3f5183"}, {"url": "https://git.kernel.org/stable/c/c47843a831e0eae007ad7e848d208e675ba4c132"}, {"url": "https://git.kernel.org/stable/c/da964de4c18199e14b961b5b2e5e6570552a313c"}, {"url": "https://git.kernel.org/stable/c/07b98400cb0285a6348188aa8c5ec6a2ae0551f7"}, {"url": "https://git.kernel.org/stable/c/ca1fb7942a287b40659cc79551a1de54a2c2e7d5"}, {"url": "https://git.kernel.org/stable/c/ce31847f109c3a5b2abdd19d7bcaafaacfde53de"}, {"url": "https://git.kernel.org/stable/c/ca26e8eed9c1c6651f51f7fa38fe444f8573cd1b"}, {"url": "https://git.kernel.org/stable/c/9f469ef1c79dac7f9ac1518643a33703918f7e13"}, {"url": "https://git.kernel.org/stable/c/76959aff14a0012ad6b984ec7686d163deccdc16"}], "title": "ACPI: battery: Fix possible crash when unregistering a battery hook", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-49955", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-22T13:35:51.725072Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-22T13:38:48.563Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-49955", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-22T13:35:51.725072Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-22T13:35:54.759Z"}}], "cna": {"title": "ACPI: battery: Fix possible crash when unregistering a battery hook", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "fa93854f7a7e", "lessThan": "da964de4c181", "versionType": "git"}, {"status": "affected", "version": "fa93854f7a7e", "lessThan": "07b98400cb02", "versionType": "git"}, {"status": "affected", "version": "fa93854f7a7e", "lessThan": "ca1fb7942a28", "versionType": "git"}, {"status": "affected", "version": "fa93854f7a7e", "lessThan": "ce31847f109c", "versionType": "git"}, {"status": "affected", "version": "fa93854f7a7e", "lessThan": "ca26e8eed9c1", "versionType": "git"}, {"status": "affected", "version": "fa93854f7a7e", "lessThan": "9f469ef1c79d", "versionType": "git"}, {"status": "affected", "version": "fa93854f7a7e", "lessThan": "76959aff14a0", "versionType": "git"}], "programFiles": ["drivers/acpi/battery.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.17"}, {"status": "unaffected", "version": "0", "lessThan": "4.17", "versionType": "custom"}, {"status": "unaffected", "version": "5.10.227", "versionType": "custom", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.168", "versionType": "custom", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.113", "versionType": "custom", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.55", "versionType": "custom", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.10.14", "versionType": "custom", "lessThanOrEqual": "6.10.*"}, {"status": "unaffected", "version": "6.11.3", "versionType": "custom", "lessThanOrEqual": "6.11.*"}, {"status": "unaffected", "version": "6.12-rc2", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/acpi/battery.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/da964de4c18199e14b961b5b2e5e6570552a313c"}, {"url": "https://git.kernel.org/stable/c/07b98400cb0285a6348188aa8c5ec6a2ae0551f7"}, {"url": "https://git.kernel.org/stable/c/ca1fb7942a287b40659cc79551a1de54a2c2e7d5"}, {"url": "https://git.kernel.org/stable/c/ce31847f109c3a5b2abdd19d7bcaafaacfde53de"}, {"url": "https://git.kernel.org/stable/c/ca26e8eed9c1c6651f51f7fa38fe444f8573cd1b"}, {"url": "https://git.kernel.org/stable/c/9f469ef1c79dac7f9ac1518643a33703918f7e13"}, {"url": "https://git.kernel.org/stable/c/76959aff14a0012ad6b984ec7686d163deccdc16"}], "x_generator": {"engine": "bippy-c9c4e1df01b2"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: battery: Fix possible crash when unregistering a battery hook\n\nWhen a battery hook returns an error when adding a new battery, then\nthe battery hook is automatically unregistered.\nHowever the battery hook provider cannot know that, so it will later\ncall battery_hook_unregister() on the already unregistered battery\nhook, resulting in a crash.\n\nFix this by using the list head to mark already unregistered battery\nhooks as already being unregistered so that they can be ignored by\nbattery_hook_unregister()."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-10-21T18:02:09.707Z"}}}, "cveMetadata": {"cveId": "CVE-2024-49955", "state": "PUBLISHED", "dateUpdated": "2024-10-22T13:38:48.563Z", "dateReserved": "2024-10-21T12:17:06.047Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-10-21T18:02:09.707Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "2E7C7F10-BDE9-4D62-9A04-76C54C5D4EAE", "versionEndExcluding": "5.10.227", "versionStartIncluding": "4.17", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C", "versionEndExcluding": "5.15.168", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE", "versionEndExcluding": "6.1.113", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E90B9576-56C4-47BC-AAB0-C5B2D438F5D0", "versionEndExcluding": "6.6.55", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "4C16BCE0-FFA0-4599-BE0A-1FD65101C021", "versionEndExcluding": "6.10.14", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9", "versionEndExcluding": "6.11.3", "versionStartIncluding": "6.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: battery: Fix possible crash when unregistering a battery hook\n\nWhen a battery hook returns an error when adding a new battery, then\nthe battery hook is automatically unregistered.\nHowever the battery hook provider cannot know that, so it will later\ncall battery_hook_unregister() on the already unregistered battery\nhook, resulting in a crash.\n\nFix this by using the list head to mark already unregistered battery\nhooks as already being unregistered so that they can be ignored by\nbattery_hook_unregister()."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ACPI: bater\u00eda: se corrige un posible fallo al anular el registro de un gancho de bater\u00eda Cuando un gancho de bater\u00eda devuelve un error al a\u00f1adir una bater\u00eda nueva, el gancho de bater\u00eda se anula autom\u00e1ticamente el registro. Sin embargo, el proveedor del gancho de bater\u00eda no puede saberlo, por lo que m\u00e1s tarde llamar\u00e1 a battery_hook_unregister() en el gancho de bater\u00eda ya anulado, lo que provocar\u00e1 un fallo. Solucione esto utilizando el encabezado de lista para marcar los ganchos de bater\u00eda ya anulados como ya anulados para que battery_hook_unregister() pueda ignorarlos."}], "id": "CVE-2024-49955", "lastModified": "2024-11-08T16:15:33.663", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-10-21T18:15:16.833", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/07b98400cb0285a6348188aa8c5ec6a2ae0551f7"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/76959aff14a0012ad6b984ec7686d163deccdc16"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/76fb2cbf01571926da8ecf6876cc8cb07d3f5183"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9f469ef1c79dac7f9ac1518643a33703918f7e13"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c47843a831e0eae007ad7e848d208e675ba4c132"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ca1fb7942a287b40659cc79551a1de54a2c2e7d5"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ca26e8eed9c1c6651f51f7fa38fe444f8573cd1b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ce31847f109c3a5b2abdd19d7bcaafaacfde53de"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/da964de4c18199e14b961b5b2e5e6570552a313c"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-672"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: ACPI: battery: Fix possible crash when unregistering a battery hook", "id": "2320424", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2320424"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nACPI: battery: Fix possible crash when unregistering a battery hook\nWhen a battery hook returns an error when adding a new battery, then\nthe battery hook is automatically unregistered.\nHowever the battery hook provider cannot know that, so it will later\ncall battery_hook_unregister() on the already unregistered battery\nhook, resulting in a crash.\nFix this by using the list head to mark already unregistered battery\nhooks as already being unregistered so that they can be ignored by\nbattery_hook_unregister()."], "name": "CVE-2024-49955", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-10-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-49955\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-49955\nhttps://lore.kernel.org/linux-cve-announce/2024102130-CVE-2024-49955-f517@gregkh/T"], "threat_severity": "Moderate"}