CVE-2025-38485

Summary

In the Linux kernel, the following vulnerability has been resolved:

iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush

fxls8962af_fifo_flush() uses indio_dev->active_scan_mask (with iio_for_each_active_channel()) without making sure the indio_dev stays in buffer mode. There is a race if indio_dev exits buffer mode in the middle of the interrupt that flushes the fifo. Fix this by calling synchronize_irq() to ensure that no interrupt is currently running when disabling buffer mode.

Unable to handle kernel NULL pointer dereference at virtual address 00000000 when read […] _find_first_bit_le from fxls8962af_fifo_flush+0x17c/0x290 fxls8962af_fifo_flush from fxls8962af_interrupt+0x80/0x178 fxls8962af_interrupt from irq_thread_fn+0x1c/0x7c irq_thread_fn from irq_thread+0x110/0x1f4 irq_thread from kthread+0xe0/0xfc kthread from ret_from_fork+0x14/0x2c

Affected Software

VendorProductVersion RangeStatus
LinuxLinux79e3a5bdd9efbdf4e1069793d7735b432d641e7c < 6ecd61c201b27ad2760b3975437ad2b97d725b98affected
LinuxLinux79e3a5bdd9efbdf4e1069793d7735b432d641e7c < dda42f23a8f5439eaac9521ce0531547d880cc54affected
LinuxLinux79e3a5bdd9efbdf4e1069793d7735b432d641e7c < bfcda3e1015791b3a63fb4d3aad408da9cf76e8faffected
LinuxLinux79e3a5bdd9efbdf4e1069793d7735b432d641e7c < 1803d372460aaa9ae0188a30c9421d3f157f2f04affected
LinuxLinux79e3a5bdd9efbdf4e1069793d7735b432d641e7c < 1fe16dc1a2f5057772e5391ec042ed7442966c9aaffected
LinuxLinux5.14affected
LinuxLinux0 < 5.14unaffected
LinuxLinux6.1.147 <= 6.1.*unaffected
LinuxLinux6.6.100 <= 6.6.*unaffected
LinuxLinux6.12.40 <= 6.12.*unaffected
LinuxLinux6.15.8 <= 6.15.*unaffected
LinuxLinux6.16 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References