摘要:
In the Linux kernel, the following vulnerability has been resolved:
iio: light: Add check for array bounds in veml6075_read_int_time_ms
The array contains only 5 elements, but the index calculated by
veml6075_read_int_time_index can range from 0 to 7,
which could lead to out-of-bounds access. The check prevents this issue.
Coverity Issue
CID 1574309: (#1 of 1): Out-of-bounds read (OVERRUN)
overrun-local: Overrunning array veml6075_it_ms of 5 4-byte
elements at element index 7 (byte offset 31) using
index int_index (which evaluates to 7)
This is hardening against potentially broken hardware. Good to have
but not necessary to backport.
安全等级: Low
公告ID: KylinSec-SA-2025-2420
发布日期: 2025年5月30日
关联CVE: CVE-2025-40114
在 Linux 内核中,以下漏洞已修复:
iio:光传感器驱动:在 veml6075_read_int_time_ms 中添加数组边界检查
原代码中数组仅有 5 个元素,但 veml6075_read_int_time_index 计算出的索引值范围可能为 0 至 7,导致越界访问。此修复通过添加边界检查防止该问题。
Coverity 漏洞报告
CID 1574309:越界读取(OVERRUN)
问题描述:在 veml6075_it_ms 数组(长度为 5 个 4 字节元素)中,通过索引 int_index(计算值为 7)访问第 7 号元素(字节偏移 31),导致越界。
修复意义
此修复针对可能因硬件缺陷引发的越界访问问题,属于安全加固措施。虽非必须回移植,但建议优先应用以增强系统稳定性。
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2025-40114 | KY3.4-5A | kernel | Unaffected |
| CVE-2025-40114 | V6 | kernel | Unaffected |
