CVE-2025-39690

Summary

In the Linux kernel, the following vulnerability has been resolved:

iio: accel: sca3300: fix uninitialized iio scan data

Fix potential leak of uninitialized stack data to userspace by ensuring that the channels array is zeroed before use.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxedeb67fbbf4b59a025a27891b92a9fc07e77d2f2 < c88c04adb8611e436e1e773fd5db3f8d7397d089affected
LinuxLinuxedeb67fbbf4b59a025a27891b92a9fc07e77d2f2 < 4e5b705cc6147f0b9173c6219079f41416bdd3c0affected
LinuxLinux6.16affected
LinuxLinux0 < 6.16unaffected
LinuxLinux6.16.4 <= 6.16.*unaffected
LinuxLinux6.17 <= *unaffected

Weaknesses

References