CVE-2022-49612 Information

Description

In the Linux kernel, the following vulnerability has been resolved:

power: supply: core: Fix boundary conditions in interpolation

The functions power_supply_temp2resist_simple and power_supply_ocv2cap_simple handle boundary conditions incorrectly. The change was introduced in a4585ba2050f460f749bbaf2b67bd56c41e30283 ("power: supply: core: Use library interpolation"). There are two issues: First the lines "high = i - 1" and "high = i" in ocv2cap have the wrong order compared to temp2resist. As a consequence ocv2cap sets high=-1 if ocv>table[0].ocv which causes an out-of-bounds read. Second the logic of temp2resist is also not correct. Consider the case table[] = {{20, 100}, {10, 80}, {0, 60}}. For temp=5 we expect a resistance of 70% by interpolation. However temp2resist sets high=low=2 and returns 60.
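
The two boundary errors described above, modelled in userspace C as an added example; this is not the kernel source or the upstream patch. The function names, `struct point`, and the reuse of the description's table for the OCV case are assumptions made for illustration.

```c
#include <stdio.h>

/* x: temperature or OCV, sorted descending; y: resistance % or capacity %. */
struct point { int x, y; };
static const struct point demo[] = { {20, 100}, {10, 80}, {0, 60} }; /* table from the description */

static int lerp(struct point a, struct point b, int x)
{
	/* a and b are the same entry when clamped: skip the division. */
	return a.x == b.x ? a.y : a.y + (b.y - a.y) * (x - a.x) / (b.x - a.x);
}

/* Index of the first entry whose x is below the query, capped at limit. */
static int scan(const struct point *t, int limit, int x)
{
	int i = 0;
	while (i < limit && x <= t[i].x)
		i++;
	return i;
}

/* Constructed model of the flawed temp2resist pick: last index counts as a boundary. */
static int flawed_temp_lookup(const struct point *t, int n, int x)
{
	int i = scan(t, n - 1, x);
	int high = (i == 0 || i == n - 1) ? i : i - 1;
	return lerp(t[i], t[high], x);
}
/* Constructed model of the flawed ocv2cap pick (assignments swapped); index only, never dereferenced. */
static int flawed_ocv_high_index(const struct point *t, int n, int x)
{
	int i = scan(t, n - 1, x);
	return (i == 0 || i == n - 1) ? i - 1 : i;
}

/* Bounds-safe pick for n >= 1: clamp outside the table, bracket inside it. */
static int bounded_lookup(const struct point *t, int n, int x)
{
	int i = scan(t, n, x);
	int low = (i == n) ? n - 1 : i;
	int high = (i == 0) ? 0 : i - 1;
	return lerp(t[low], t[high], x);
}

int main(void)
{
	printf("flawed=%d bounded=%d ocv_high=%d\n", flawed_temp_lookup(demo, 3, 5),
	       bounded_lookup(demo, 3, 5), flawed_ocv_high_index(demo, 3, 25));
	return 0;
}
```

For temp=5 the flawed model returns 60 where the bounded lookup returns 70, and a query above the first entry makes the flawed OCV model pick index -1.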

Reference

https://git.kernel.org/stable/c/093d27bb6f2d1963f927ef59c9a2d37059175426

https://git.kernel.org/stable/c/a762cee5d933fe4e2e1b773d60fc74fb8248d8c4
