CVE-2025-38667

Summary

In the Linux kernel, the following vulnerability has been resolved:

iio: fix potential out-of-bound write

The buffer is set to 20 characters. If a caller write more characters, count is truncated to the max available space in "simple_write_to_buffer". To protect from OoB access, check that the input size fit into buffer and add a zero terminator after copy to the end of the copied data.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux6d5dd486c715908b5a6ed02315a15ff044a91025 < 81a635b6eccd6fc889f6d07ab9583b705f739ce1affected
LinuxLinux6d5dd486c715908b5a6ed02315a15ff044a91025 < 16285a0931869baa618b1f5d304e1e9d090470a8affected
LinuxLinux6.15affected
LinuxLinux0 < 6.15unaffected
LinuxLinux6.15.9 <= 6.15.*unaffected
LinuxLinux6.16 <= *unaffected

Weaknesses

References