In the Linux kernel, the following vulnerability has been resolved:
power: supply: wm97xx: Fix NULL pointer dereference in powersupplychanged()
In probe(), request_irq() is called before allocating/registering a
power_supply handle. If an interrupt is fired between the call to
request_irq() and power_supply_register(), the power_supply handle
will be used uninitialized in power_supply_changed() in
wm97xx_bat_update() (triggered from the interrupt handler). This will
lead to a NULL pointer dereference since
Fix this racy NULL pointer dereference by making sure the IRQ is
requested after the registration of the power_supply handle. Since
the IRQ is the last thing requests in the probe() now, remove the
error path for freeing it. Instead add one for unregistering the
power_supply handle when IRQ request fails.
{
"cna_assigner": "Linux",
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/45xxx/CVE-2026-45869.json"
}