CVE-2024-56557

Summary

In the Linux kernel, the following vulnerability has been resolved:

iio: adc: ad7923: Fix buffer overflow for tx_buf and ring_xfer

The AD7923 was updated to support devices with 8 channels, but the size of tx_buf and ring_xfer was not increased accordingly, leading to a potential buffer overflow in ad7923_update_scan_mode().

Affected Software

VendorProductVersion RangeStatus
LinuxLinux851644a60d200c9a294de5a5594004bcf13d34c7 < 6e4d236d9c4b38571c394d3ab6e85dfb71c33ed3affected
LinuxLinux851644a60d200c9a294de5a5594004bcf13d34c7 < 00663d3e000c31d0d49ef86a809f5c107c2d09cdaffected
LinuxLinux851644a60d200c9a294de5a5594004bcf13d34c7 < e5cac32721997cb8bcb208a29f4598b3faf46338affected
LinuxLinux851644a60d200c9a294de5a5594004bcf13d34c7 < 218ecc35949129171ca39bcc0d407c8dc4cd0bbcaffected
LinuxLinux851644a60d200c9a294de5a5594004bcf13d34c7 < 3a4187ec454e19903fd15f6e1825a4b84e59a4cdaffected
LinuxLinux5.6affected
LinuxLinux0 < 5.6unaffected
LinuxLinux5.15.203 <= 5.15.*unaffected
LinuxLinux6.1.120 <= 6.1.*unaffected
LinuxLinux6.6.64 <= 6.6.*unaffected
LinuxLinux6.12.4 <= 6.12.*unaffected
LinuxLinux6.13 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References