30 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: iio: core: Prevent invalid memory access when there is no parent device. The commit 813665564b3d “iio: core: Convert to use the firmware node handle instead of the OF node” changed the type of nodes used for label retrieval durin...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iio: fixed a memory leak in iiodeviceregistereventset When iiodeviceregistersysfsgroup returns an error, iiodeviceregistereventset must free the attrs array. Otherwise, kmemleak will detect and report a memory leak as follows:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: iio: accel: sca3300: fixed uninitialized iio scan data Fixed the potential leak of uninitialized stack data into the user space by ensuring that the channels array is cleared before use...
PT-2026-39017
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference exists in the adis init function. The function attempts to dereference adis-ops to verify if specific function pointers write, read, reset are NULL without fir...
CVE-2026-31761
A flaw was found in the Linux kernel's Industrial Input/Output IIO subsystem, specifically within the mpu3050 gyroscope driver. Incorrect placement of the iiodeviceregister function during device probing creates a race condition. This race condition could potentially lead to unexpected system...
Moxa MxGeneralIo 安全漏洞
Moxa MxGeneralIo is an industrial input/output control library developed by Moxa Corporation in Taiwan, China. There is a security vulnerability in Moxa MxGeneralIo, which stems from insufficient access control. This vulnerability may lead to privilege escalation or system crashes...
SUSE CVE-2025-71198
In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: fix iiochanspec for sensors without event detection The stlsm6dsxaccchannels array of struct iiochanspec has a non-NULL eventspec field, indicating support for IIO events. However, event detection is not...
UBUNTU-CVE-2025-71199
In the Linux kernel, the following vulnerability has been resolved: iio: adc: at91-sama5d2adc: Fix potential use-after-free in sama5d2adc driver at91adcinterrupt can call at91adctouchdatahandler function to start the work by schedulework&st-touchst.workq. If we remove the module which will call...
CVE-2025-40221 media: pci: mg4b: fix uninitialized iio scan data
In the Linux kernel, the following vulnerability has been resolved: media: pci: mg4b: fix uninitialized iio scan data Fix potential leak of uninitialized stack data to userspace by ensuring that the scan structure is zeroed before use...
EUVD-2025-27877
Malicious code in bioql PyPI...
DEBIAN-CVE-2025-39687
In the Linux kernel, the following vulnerability has been resolved: iio: light: as73211: Ensure buffer holes are zeroed Given that the buffer is copied to a kfifo that ultimately user space can read, ensure we zero it...
driver: iio: add missing checks on iio_info's callback access
...
SUSE CVE-2025-38667
In the Linux kernel, the following vulnerability has been resolved: iio: fix potential out-of-bound write The buffer is set to 20 characters. If a caller write more characters, count is truncated to the max available space in "simplewritetobuffer". To protect from OoB access, check that the input...
CVE-2025-38667 iio: fix potential out-of-bound write
In the Linux kernel, the following vulnerability has been resolved: iio: fix potential out-of-bound write The buffer is set to 20 characters. If a caller write more characters, count is truncated to the max available space in "simplewritetobuffer". To protect from OoB access, check that the input...
CVE-2025-38667
CVE-2025-38667 relates to the Linux kernel iio path, where a potential out-of-bounds write occurred when writing to a 20-character buffer. The fix adds a size check to ensure input fits the buffer and appends a zero terminator after copying the data, preventing OoB access. Impact is described as ...
CVE-2025-38667 iio: fix potential out-of-bound write
In the Linux kernel, the following vulnerability has been resolved: iio: fix potential out-of-bound write The buffer is set to 20 characters. If a caller write more characters, count is truncated to the max available space in "simplewritetobuffer". To protect from OoB access, check that the input...
CVE-2025-38547
CVE-2025-38547 affects the Linux kernel IIO ADC driver for the AXP20x family (AXP717). The issue is a missing sentinel entry in the AXP717 ADC channel maps, which leads to a KASAN warning. The described remediation is to add the missing sentinel entry to the channel maps. The provided material do...
CVE-2025-38531 iio: common: st_sensors: Fix use of uninitialize device structs
In the Linux kernel, the following vulnerability has been resolved: iio: common: stsensors: Fix use of uninitialize device structs Throughout the various probe functions &indiodev-dev is used before it is initialized. This caused a kernel panic in stsensorspowerenable when the call to...
DEBIAN-CVE-2025-38485
In the Linux kernel, the following vulnerability has been resolved: iio: accel: fxls8962af: Fix use after free in fxls8962affifoflush fxls8962affifoflush uses indiodev-activescanmask with iioforeachactivechannel without making sure the indiodev stays in buffer mode. There is a race if indiodev...
UBUNTU-CVE-2025-38484
In the Linux kernel, the following vulnerability has been resolved: iio: backend: fix out-of-bound write The buffer is set to 80 character. If a caller write more characters, count is truncated to the max available space in "simplewritetobuffer". But afterwards a string terminator is written to t...