Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7091r: Allow users to configure device events AD7091R-5 devices are supported by the ad7091r-5 driver, along with the ad7091r-base driver. These drivers declare iio events to notify user space when ADC readings fall...

CVE-2026-46282

A flaw was found in the Linux kernel's iio: frequency: admv1013 driver. This vulnerability occurs when the system attempts to read a device property, and an uninitialized string is used, leading to a NULL pointer dereference. This could allow a local attacker to trigger a system crash, resulting ...

SUSE CVE-2026-31768

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-adc161s626: use DMA-safe memory for spiread Add a DMA-safe buffer and use it for spiread instead of a stack memory. All SPI buffers must be DMA-safe. Since we only need up to 3 bytes, we just use a u8 instead of be16...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992938)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992938 advisory. In the Linux kernel, the following vulnerability has been resolved: iio: light: isl29028: Fix the warning in isl29028remove The driver use the non-managed form of th...

CVE-2025-68330

CVE-2025-68330 affects the Linux kernel iio subsystem for the bmc150 accelerometer. The issue arises from unconditionally calling bmc150_accel_set_interrupt() in iio_buffer_setup_ops, even when the device has no IRQs, which can trigger a NULL pointer dereference during runtime PM resume. The conn...

The vulnerabilities of the functions bme680_compensate_temp(), bme680_compensate_press(), and bme680_compensate_humid() in the IIO driver (drivers/iio/chemical/bme680_core.c) of the Linux operating system allow a hacker to cause a service failure.

The vulnerabilities of the functions bme680compensatetemp, bme680compensatepress, and bme680compensatehumid in the IIO driver drivers/iio/chemical/bme680core.c of the Linux kernel are related to the execution of operations outside of the buffer in memory. Exploiting these vulnerabilities can allo...

CVE-2024-50198 iio: light: veml6030: fix IIO device retrieval from embedded device

In the Linux kernel, the following vulnerability has been resolved: iio: light: veml6030: fix IIO device retrieval from embedded device The dev pointer that is received as an argument in the inilluminanceperiodavailableshow function references the device embedded in the IIO device, not in the i2c...

CVE-2024-46715

In the Linux kernel, the following vulnerability has been resolved: driver: iio: add missing checks on iioinfo's callback access Some callbacks from iioinfo structure are accessed without any check, so if a driver doesn't implement them trying to access the corresponding sysfs entries produce a...

DEBIAN-CVE-2024-46715

In the Linux kernel, the following vulnerability has been resolved: driver: iio: add missing checks on iioinfo's callback access Some callbacks from iioinfo structure are accessed without any check, so if a driver doesn't implement them trying to access the corresponding sysfs entries produce a...

CVE-2024-46715 driver: iio: add missing checks on iio_info's callback access

In the Linux kernel, the following vulnerability has been resolved: driver: iio: add missing checks on iioinfo's callback access Some callbacks from iioinfo structure are accessed without any check, so if a driver doesn't implement them trying to access the corresponding sysfs entries produce a...

CVE-2024-46715 driver: iio: add missing checks on iio_info's callback access

In the Linux kernel, the following vulnerability has been resolved: driver: iio: add missing checks on iioinfo's callback access Some callbacks from iioinfo structure are accessed without any check, so if a driver doesn't implement them trying to access the corresponding sysfs entries produce a...

CVE-2024-46715

CVE-2024-46715: Linux kernel vulnerability in iio_info callback access where certain callbacks could be accessed without checks, leading to a NULL pointer dereference and potential kernel oops if a driver does not implement callbacks. The issue was fixed by adding missing validation for iio_info ...

SUSE CVE-2021-47499

In the Linux kernel, the following vulnerability has been resolved: iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove When ACPI type is ACPISMO8500, the data-dreadytrig will not be set, the memory allocated by iiotriggeredbuffersetup will not be freed, and cause memory leak as...