CVE-2025-40221

Summary

In the Linux kernel, the following vulnerability has been resolved:

media: pci: mg4b: fix uninitialized iio scan data

Fix potential leak of uninitialized stack data to userspace by ensuring that the scan structure is zeroed before use.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux0ab13674a9bd10514486cf1670d71dbd8afec421 < b7f82da7f86479cb6479a76ebe213ece7c77398faffected
LinuxLinux0ab13674a9bd10514486cf1670d71dbd8afec421 < b792eba44494b4e6ab5006013335f9819f303b8baffected
LinuxLinux0ab13674a9bd10514486cf1670d71dbd8afec421 < c0d3f6969bb4d72476cfe7ea9263831f1c283704affected
LinuxLinux6.7affected
LinuxLinux0 < 6.7unaffected
LinuxLinux6.12.54 <= 6.12.*unaffected
LinuxLinux6.17.4 <= 6.17.*unaffected
LinuxLinux6.18 <= *unaffected

Weaknesses

References