CVE-2025-38485 in Linux情報

要約

〜によって MITRE • 2025年07月28日

In the Linux kernel, the following vulnerability has been resolved:

iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush

fxls8962af_fifo_flush() uses indio_dev->active_scan_mask (with iio_for_each_active_channel()) without making sure the indio_dev stays in buffer mode. There is a race if indio_dev exits buffer mode in the middle of the interrupt that flushes the fifo. Fix this by calling synchronize_irq() to ensure that no interrupt is currently running when disabling buffer mode.

Unable to handle kernel NULL pointer dereference at virtual address 00000000 when read [...]
_find_first_bit_le from fxls8962af_fifo_flush+0x17c/0x290 fxls8962af_fifo_flush from fxls8962af_interrupt+0x80/0x178 fxls8962af_interrupt from irq_thread_fn+0x1c/0x7c irq_thread_fn from irq_thread+0x110/0x1f4 irq_thread from kthread+0xe0/0xfc kthread from ret_from_fork+0x14/0x2c

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

責任者

Linux

予約する

2025年04月16日

モデレーション

承諾済み

エントリ

VDB-317904

EPSS

0.00151

アクティビティ

非常低い

ソース

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!