VYPR
Unrated severityNVD Advisory· Published Dec 24, 2025· Updated Apr 15, 2026

CVE-2023-54079

CVE-2023-54079

Description

In the Linux kernel, the following vulnerability has been resolved:

power: supply: bq27xxx: Fix poll_interval handling and races on remove

Before this patch bq27xxx_battery_teardown() was setting poll_interval = 0 to avoid bq27xxx_battery_update() requeuing the delayed_work item.

There are 2 problems with this:

1. If the driver is unbound through sysfs, rather then the module being rmmod-ed, this changes poll_interval unexpectedly

2. This is racy, after it being set poll_interval could be changed before bq27xxx_battery_update() checks it through /sys/module/bq27xxx_battery/parameters/poll_interval

Fix this by added a removed attribute to struct bq27xxx_device_info and using that instead of setting poll_interval to 0.

There also is another poll_interval related race on remove(), writing /sys/module/bq27xxx_battery/parameters/poll_interval will requeue the delayed_work item for all devices on the bq27xxx_battery_devices list and the device being removed was only removed from that list after cancelling the delayed_work item.

Fix this by moving the removal from the bq27xxx_battery_devices list to before cancelling the delayed_work item.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

76

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.