📄 Description (English)
In the Linux kernel, the following vulnerability has been resolved:
hwmon: (powerz) Fix use-after-free on USB disconnect
After powerz_disconnect() frees the URB and releases the mutex, a
subsequent powerz_read() call can acquire the mutex and call
powerz_read_data(), which dereferences the freed URB pointer.
Fix by:
- Setting priv->urb to NULL in powerz_disconnect() so that
powerz_read_data() can detect the disconnected state.
- Adding a !priv->urb check at the start of powerz_read_data()
to return -ENODEV on a disconnected device.
- Moving usb_set_intfdata() before hwmon registration so the
disconnect handler can always find the priv pointer.
🤖 AI Executive Summary
A use-after-free vulnerability exists in the Linux kernel's powerz hwmon driver that can be triggered when a USB device is disconnected while a read operation is in progress. An attacker with physical access to a system or ability to trigger USB disconnection events could potentially cause a kernel crash or execute arbitrary code. The vulnerability affects systems using the powerz power monitoring device driver.
📄 Description (Arabic)
🤖 AI Intelligence Analysis Analyzed: Apr 29, 2026 08:48
🇸🇦 Saudi Arabia Impact Assessment
This vulnerability primarily impacts Saudi organizations running Linux-based infrastructure, particularly: (1) Data centers and cloud providers hosting critical services for government and financial institutions; (2) Energy sector (ARAMCO, SEC) utilizing Linux-based monitoring systems for power management; (3) Telecommunications providers (STC, Mobily, Zain) using Linux servers for network infrastructure; (4) Government agencies (NCA, CITC) operating Linux-based security and monitoring systems. The impact is moderate as it requires physical access or specific USB device manipulation, limiting remote exploitation potential.
🏢 Affected Saudi Sectors
Energy (ARAMCO, SEC)
Telecommunications (STC, Mobily, Zain)
Government (NCA, CITC)
Data Centers and Cloud Providers
Healthcare (MNGHA facilities)
Financial Services
🎯 MITRE ATT&CK Techniques
⚖️ Saudi Risk Score (AI)
5.2
/ 10.0
🔧 Remediation Steps (English)
Immediate Actions:
1. Identify systems running Linux kernel versions with the powerz driver enabled
2. Check if powerz USB devices are connected to critical infrastructure
3. Implement physical access controls to USB ports on affected systems
Patching Guidance:
1. Update Linux kernel to the latest patched version (check your distribution's security advisories)
2. Apply kernel patches that include the fix: setting priv->urb to NULL in powerz_disconnect(), adding !priv->urb check in powerz_read_data(), and moving usb_set_intfdata() before hwmon registration
3. Test patches in non-production environment before deployment
Compensating Controls (if immediate patching not possible):
1. Disable the powerz driver if not actively used: echo 'blacklist powerz' >> /etc/modprobe.d/blacklist.conf
2. Restrict USB device access through BIOS/UEFI settings
3. Implement USB port locks on physical servers
4. Monitor kernel logs for hwmon-related errors and USB disconnect events
Detection Rules:
1. Monitor for kernel panic messages related to powerz driver
2. Alert on unexpected USB device disconnections during active monitoring sessions
3. Track kernel module load/unload events for powerz driver
4. Monitor dmesg for 'use-after-free' or 'NULL pointer dereference' messages
🔧 خطوات المعالجة (العربية)
الإجراءات الفورية:
1. تحديد الأنظمة التي تشغل إصدارات نواة Linux مع تفعيل برنامج تشغيل powerz
2. التحقق من توصيل أجهزة USB من powerz بالبنية التحتية الحرجة
3. تطبيق ضوابط الوصول الفيزيائي لمنافذ USB على الأنظمة المتأثرة
إرشادات التصحيح:
1. تحديث نواة Linux إلى أحدث إصدار مصحح (تحقق من تنبيهات الأمان الخاصة بتوزيعتك)
2. تطبيق تصحيحات النواة التي تتضمن الإصلاح: تعيين priv->urb إلى NULL في powerz_disconnect()، إضافة فحص !priv->urb في powerz_read_data()، ونقل usb_set_intfdata() قبل تسجيل hwmon
3. اختبر التصحيحات في بيئة غير الإنتاج قبل النشر
الضوابط البديلة (إذا لم يكن التصحيح الفوري ممكناً):
1. تعطيل برنامج تشغيل powerz إذا لم يكن قيد الاستخدام النشط
2. تقييد وصول جهاز USB من خلال إعدادات BIOS/UEFI
3. تطبيق أقفال منافذ USB على الخوادم الفيزيائية
4. مراقبة سجلات النواة للأخطاء المتعلقة بـ hwmon وأحداث قطع الاتصال
قواعد الكشف:
1. مراقبة رسائل انهيار النواة المتعلقة ببرنامج تشغيل powerz
2. التنبيه على قطع الاتصال غير المتوقع لأجهزة USB أثناء جلسات المراقبة النشطة
3. تتبع أحداث تحميل/تفريغ وحدات النواة لبرنامج تشغيل powerz
4. مراقبة dmesg للبحث عن رسائل 'use-after-free' أو 'NULL pointer dereference'
📋 Regulatory Compliance Mapping
🟢 NCA ECC 2024
A.12.6.1 - Management of technical vulnerabilities
A.14.2.1 - Secure development policy
A.12.2.1 - Monitoring and logging
🔵 SAMA CSF
ID.RA-1 - Asset management and vulnerability identification
PR.PT-2 - System and communications protection
DE.CM-1 - Detection processes and tools
🟡 ISO 27001:2022
A.12.6.1 - Management of technical vulnerabilities
A.14.2.1 - Secure development policy
A.12.2.1 - Monitoring and logging
🔗 References & Sources 5
🔗
https://git.kernel.org/stable/c/08e57f5e1a9067d5fbf33993aa7f51d60b3d13a4
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
🔗
https://git.kernel.org/stable/c/61f2aa23b0ce8d7aa5071ed25a7471e246a4fdd4
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
🔗
https://git.kernel.org/stable/c/7003ae4810ca83f0ddca85b768500e313c4b998c
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
🔗
https://git.kernel.org/stable/c/9e1b798257f96d2e2a2639830eb71add545ce749
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
🔗
https://git.kernel.org/stable/c/c78e1d4e48f23792adaa7c94251e22b0d9700a39
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
📦 Affected Products / CPE 4 entries
linux:linux_kernel
linux:linux_kernel
linux:linux_kernel
linux:linux_kernel