CVE-2025-38485 in Linuxinformação

Sumário

de MITRE • 28/07/2025

In the Linux kernel, the following vulnerability has been resolved:

iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush

fxls8962af_fifo_flush() uses indio_dev->active_scan_mask (with iio_for_each_active_channel()) without making sure the indio_dev stays in buffer mode. There is a race if indio_dev exits buffer mode in the middle of the interrupt that flushes the fifo. Fix this by calling synchronize_irq() to ensure that no interrupt is currently running when disabling buffer mode.

Unable to handle kernel NULL pointer dereference at virtual address 00000000 when read [...]
_find_first_bit_le from fxls8962af_fifo_flush+0x17c/0x290 fxls8962af_fifo_flush from fxls8962af_interrupt+0x80/0x178 fxls8962af_interrupt from irq_thread_fn+0x1c/0x7c irq_thread_fn from irq_thread+0x110/0x1f4 irq_thread from kthread+0xe0/0xfc kthread from ret_from_fork+0x14/0x2c

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Responsável

Linux

Reservar

16/04/2025

Divulgação

28/07/2025

Moderação

aceite

Entrada

VDB-317904

CPE

pronto

EPSS

0.00151

KEV

não

Atividades

muito baixo

Fontes

Interested in the pricing of exploits?

See the underground prices here!