CVE-2026-43356
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
iio: imu: adis: Fix NULL pointer dereference in adis_init
The adis_init() function dereferences adis->ops to check if the individual function pointers (write, read, reset) are NULL, but does not first check if adis->ops itself is NULL.
Drivers like adis16480, adis16490, adis16545 and others do not set custom ops and rely on adis_init() assigning the defaults. Since struct adis is zero-initialized by devm_iio_device_alloc(), adis->ops is NULL when adis_init() is called, causing a NULL pointer dereference:
Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000
pc : adis_init+0xc0/0x118
Call trace:
adis_init+0xc0/0x118
adis16480_probe+0xe0/0x670
Fix this by checking if adis->ops is NULL before dereferencing it, falling through to assign the default ops in that case.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 3b29bcee8f6f703a5952b85fc2ffcbcfb0862db4 < ba19dd366528b961430f5195c2e382420703074f | affected |
| Linux | Linux | 3b29bcee8f6f703a5952b85fc2ffcbcfb0862db4 < 1a48f94c63a078e7b6a2e59a637fc0858dc6510c | affected |
| Linux | Linux | 3b29bcee8f6f703a5952b85fc2ffcbcfb0862db4 < 9990cd4f8827bd1ae3fb6eb7407630d8d463c430 | affected |
| Linux | Linux | 6.15 | affected |
| Linux | Linux | 0 < 6.15 | unaffected |
| Linux | Linux | 6.18.19 <= 6.18.* | unaffected |
| Linux | Linux | 6.19.9 <= 6.19.* | unaffected |
| Linux | Linux | 7.0 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/ba19dd366528b961430f5195c2e382420703074f
- https://git.kernel.org/stable/c/1a48f94c63a078e7b6a2e59a637fc0858dc6510c
- https://git.kernel.org/stable/c/9990cd4f8827bd1ae3fb6eb7407630d8d463c430
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.