CVE-2023-54079
Unknown Unknown - Not Provided
Race Condition in Linux bq27xxx Battery Driver on Removal

Publication date: 2025-12-24

Last updated on: 2025-12-24

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: power: supply: bq27xxx: Fix poll_interval handling and races on remove Before this patch bq27xxx_battery_teardown() was setting poll_interval = 0 to avoid bq27xxx_battery_update() requeuing the delayed_work item. There are 2 problems with this: 1. If the driver is unbound through sysfs, rather then the module being rmmod-ed, this changes poll_interval unexpectedly 2. This is racy, after it being set poll_interval could be changed before bq27xxx_battery_update() checks it through /sys/module/bq27xxx_battery/parameters/poll_interval Fix this by added a removed attribute to struct bq27xxx_device_info and using that instead of setting poll_interval to 0. There also is another poll_interval related race on remove(), writing /sys/module/bq27xxx_battery/parameters/poll_interval will requeue the delayed_work item for all devices on the bq27xxx_battery_devices list and the device being removed was only removed from that list after cancelling the delayed_work item. Fix this by moving the removal from the bq27xxx_battery_devices list to before cancelling the delayed_work item.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-24
Last Modified
2025-12-24
Generated
2026-05-06
AI Q&A
2025-12-24
EPSS Evaluated
2026-05-05
NVD
CVE-2023-54079
EUVD
EUVD-2023-60366
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
ti bq27xxx *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability involves the Linux kernel's bq27xxx power supply driver. The issue is related to how the driver handles the poll_interval parameter and races during device removal. Specifically, before the fix, setting poll_interval to 0 in bq27xxx_battery_teardown() to prevent requeuing of delayed work caused unexpected changes if the driver was unbound via sysfs instead of being removed as a module. Additionally, there were race conditions where poll_interval could be changed concurrently, and the device removal process did not properly handle the removal from the device list before cancelling delayed work, leading to potential requeuing issues. The fix involved adding a removed attribute to track device removal and adjusting the order of operations during device removal to prevent these races.


How can this vulnerability impact me? :

This vulnerability can cause unexpected behavior in the power supply driver, such as race conditions and improper handling of delayed work items during device removal. This may lead to instability or incorrect operation of battery monitoring or management on affected devices using the bq27xxx driver. While it does not directly indicate security exploitation, the race conditions and improper state handling could potentially cause system instability or unexpected behavior in power management.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart