PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-45938 Linux CVE debrief

A use-after-free vulnerability exists in the Linux kernel's PM8916 LBC (Low Battery Charger) power supply driver. The issue stems from incorrect ordering of devm-managed resource allocation: the IRQ is requested via devm_request_irq() before the power_supply handle is registered via devm_power_supply_register(). Since devm resources are deallocated in reverse order, during driver removal the power_supply handle is freed before the IRQ handler is unregistered. This creates a race window where a pending interrupt can invoke power_supply_changed() with a freed pointer, leading to kernel crashes or memory corruption. A similar race exists during probe() where an interrupt could fire before power_supply registration completes, causing use of uninitialized data. The fix reorders initialization to register the power_supply handle before requesting the IRQ.

Vendor: Linux
Product: Unknown
CVSS: Unknown
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-27
Original CVE updated: 2026-05-27
Advisory published: 2026-05-27
Advisory updated: 2026-05-27

Who should care

Organizations running Linux on Qualcomm Snapdragon-based embedded or mobile devices that use the PM8916 power management IC; kernel maintainers and distribution security teams.

Technical summary

The PM8916 LBC driver in the Linux kernel contains a use-after-free vulnerability caused by incorrect ordering of devm-managed resources. The driver calls devm_request_irq() before devm_power_supply_register(), which during removal causes the power_supply structure to be freed while the IRQ handler remains active. An interrupt firing in this window calls power_supply_changed() with a dangling pointer. The vulnerability also affects probe() where interrupts could fire before power_supply initialization completes. The fix ensures power_supply registration precedes IRQ request, eliminating both race conditions.

Defensive priority

High

Recommended defensive actions

  • Apply kernel patches from stable branches once available for your distribution
  • Prioritize patching systems using PM8916 chipset devices (Qualcomm Snapdragon-based mobile/embedded platforms)
  • Monitor vendor security advisories for distribution-specific kernel updates
  • If running custom kernels with PM8916_LBC driver enabled, consider backporting the fix commits or disabling the driver if not required
  • Review other power supply drivers for similar devm resource ordering patterns
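
The last action above can be partly automated. The following is an added example, not code from the kernel tree or from this advisory: a heuristic scanner that flags any function where a devm-managed IRQ request appears before devm_power_supply_register(). The function name find_irq_before_register and both sample snippets are constructed for illustration, and the function-boundary detection assumes kernel coding style (closing brace at column 0).

```python
import re

# devm-managed IRQ request helpers and the power_supply registration call
IRQ_CALLS = ("devm_request_irq", "devm_request_threaded_irq",
             "devm_request_any_context_irq")
REGISTER_CALL = "devm_power_supply_register"
_CALL_RE = re.compile(r"\b(%s)\s*\(" % "|".join(IRQ_CALLS + (REGISTER_CALL,)))
_COMMENT_RE = re.compile(r"/\*.*?\*/|//[^\n]*", re.S)

def _blank_comments(src):
    # Blank out comments but keep newlines so reported line numbers stay valid.
    return _COMMENT_RE.sub(lambda m: re.sub(r"[^\n]", " ", m.group()), src)

def find_irq_before_register(src):
    """Return (irq_call, irq_line, register_line) for every devm IRQ request
    that precedes devm_power_supply_register() inside the same function."""
    findings, pending = [], []
    for lineno, line in enumerate(_blank_comments(src).splitlines(), 1):
        if line.startswith("}"):  # kernel style: a function ends at column 0
            pending = []
        for m in _CALL_RE.finditer(line):
            if m.group(1) == REGISTER_CALL:
                findings += [(name, at, lineno) for name, at in pending]
                pending = []
            else:
                pending.append((m.group(1), lineno))
    return findings

# Constructed samples (not the real driver source): same calls, two orderings.
VULNERABLE = """\
static int sample_probe(struct platform_device *pdev)
{
    ret = devm_request_irq(dev, irq, sample_irq, 0, "sample", chg);
    /* devm_power_supply_register() is only called after the IRQ is live */
    chg->psy = devm_power_supply_register(dev, &sample_desc, &cfg);
}
"""
FIXED = """\
static int sample_probe(struct platform_device *pdev)
{
    chg->psy = devm_power_supply_register(dev, &sample_desc, &cfg);
    ret = devm_request_irq(dev, irq, sample_irq, 0, "sample", chg);
}
"""
if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        with open(path, errors="replace") as f:
            print(path, find_irq_before_register(f.read()))
```

A hit only shows the ordering; whether the interrupt handler actually dereferences the power_supply handle still needs manual review of each flagged driver.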

Evidence notes

The vulnerability description confirms a race condition caused by devm resource ordering. Multiple stable kernel commits are provided, indicating backports to affected branches. No CVSS score has been assigned; the NVD status is 'Awaiting Analysis'.
