CVE-2025-38484
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
iio: backend: fix out-of-bound write
The buffer is set to 80 character. If a caller write more characters, count is truncated to the max available space in "simple_write_to_buffer". But afterwards a string terminator is written to the buffer at offset count without boundary check. The zero termination is written OUT-OF-BOUND.
Add a check that the given buffer is smaller then the buffer to prevent.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | df3892e5e861c43d5612728ed259634675b8a71f < 6eea9f7648ddb9e4903735a1f77cf196c957aa38 | affected |
| Linux | Linux | 035b4989211dc1c8626e186d655ae8ca5141bb73 < 01e941aa7f5175125df4ac5d3aab099961525602 | affected |
| Linux | Linux | 035b4989211dc1c8626e186d655ae8ca5141bb73 < da9374819eb3885636934c1006d450c3cb1a02ed | affected |
| Linux | Linux | 04271a4d2740f98bbe36f82cd3d74677a839d1eb | affected |
| Linux | Linux | fd791c81f410ab1c554686a6f486dc7a176dfe35 | affected |
| Linux | Linux | 6.12.23 < 6.12.40 | affected |
| Linux | Linux | 6.13.11 < 6.14 | affected |
| Linux | Linux | 6.14.2 < 6.15 | affected |
| Linux | Linux | 6.15 | affected |
| Linux | Linux | 0 < 6.15 | unaffected |
| Linux | Linux | 6.12.40 <= 6.12.* | unaffected |
| Linux | Linux | 6.15.8 <= 6.15.* | unaffected |
| Linux | Linux | 6.16 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/6eea9f7648ddb9e4903735a1f77cf196c957aa38
- https://git.kernel.org/stable/c/01e941aa7f5175125df4ac5d3aab099961525602
- https://git.kernel.org/stable/c/da9374819eb3885636934c1006d450c3cb1a02ed
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.