CVE-2025-40114 in Linuxinfo

Zusammenfassung

von MITRE • 18.04.2025

In the Linux kernel, the following vulnerability has been resolved:

iio: light: Add check for array bounds in veml6075_read_int_time_ms

The array contains only 5 elements, but the index calculated by veml6075_read_int_time_index can range from 0 to 7, which could lead to out-of-bounds access. The check prevents this issue.

Coverity Issue CID 1574309: (#1 of 1): Out-of-bounds read (OVERRUN) overrun-local: Overrunning array veml6075_it_ms of 5 4-byte elements at element index 7 (byte offset 31) using index int_index (which evaluates to 7)

This is hardening against potentially broken hardware. Good to have but not necessary to backport.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Zuständig

Linux

Reservieren

16.04.2025

Veröffentlichung

18.04.2025

Moderieren

akzeptiert

Eintrag

VDB-305638

CPE

bereit

EPSS

0.00225

KEV

nein

Aktivitäten

very low

Quellen

Want to stay up to date on a daily basis?

Enable the mail alert feature now!