摘要:
In the Linux kernel, the following vulnerability has been resolved:
iio: adc: ti-ads1119: fix information leak in triggered buffer
The 'scan' local struct is used to push data to user space from a
triggered buffer, but it has a hole between the sample (unsigned int)
and the timestamp. This hole is never initialized.
Initialize the struct to zero before using it to avoid pushing
uninitialized information to userspace.
安全等级: Low
公告ID: KylinSec-SA-2025-1030
发布日期: 2025年1月27日
关联CVE: CVE-2024-57905
In the Linux kernel, the following vulnerability has been resolved:
iio: adc: ti-ads1119: fix information leak in triggered buffer
The 'scan' local struct is used to push data to user space from a
triggered buffer, but it has a hole between the sample (unsigned int)
and the timestamp. This hole is never initialized.
Initialize the struct to zero before using it to avoid pushing
uninitialized information to userspace.
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2024-57905 | KY3.4-5A | kernel | Unaffected |
| CVE-2024-57905 | V6 | kernel | Unaffected |
