Description
In the Linux kernel, the following vulnerability has been resolved: staging: most: remove broken i2c driver The MOST I2C driver has been completely broken for five years without anyone noticing so remove the driver from staging. Specifically, commit 723de0f9171e ("staging: most: remove device from interface structure") started requiring drivers to set the interface device pointer before registration, but the I2C driver was never updated which results in a NULL pointer dereference if anyone ever tries to probe it.
Product status
723de0f9171eeb49a3ae98cae82ebbbb992b3a7c (git) before 6cbba922934805f86eece6ba7010b7201962695d
723de0f9171eeb49a3ae98cae82ebbbb992b3a7c (git) before 6059a66dba7f26b21852831432e17075f1a1c783
723de0f9171eeb49a3ae98cae82ebbbb992b3a7c (git) before e463548fd80e779efea1cb2d3049b8a7231e6925
723de0f9171eeb49a3ae98cae82ebbbb992b3a7c (git) before 495df2da6944477d282d5cc0c13174d06e25b310
5.6
Any version before 5.6
6.6.120 (semver)
6.17.13 (semver)
6.18.2 (semver)
6.19-rc1 (original_commit_for_fix)
References
git.kernel.org/...c/6cbba922934805f86eece6ba7010b7201962695d
git.kernel.org/...c/6059a66dba7f26b21852831432e17075f1a1c783
git.kernel.org/...c/e463548fd80e779efea1cb2d3049b8a7231e6925
git.kernel.org/...c/495df2da6944477d282d5cc0c13174d06e25b310
Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.