- Description
- In the Linux kernel, the following vulnerability has been resolved: iio: adc: rockchip_saradc: fix information leak in triggered buffer The 'data' local struct is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. Initialize the struct to zero before using it to avoid pushing uninitialized information to userspace.
- Source
- 416baaa9-dc9f-4396-8d5f-8c081fb06d67
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 7.1
- Impact score
- 5.2
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
- Severity
- HIGH
- nvd@nist.gov
- CWE-908
- Hype score
- Not currently trending
CVE-2024-57907 Information Leak Fix in Linux Kernel Rockchip SARADC Driver https://t.co/6I4gN9U3K2
@VulmonFeeds
19 Jan 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-57907 In the Linux kernel, the following vulnerability has been resolved: iio: adc: rockchip_saradc: fix information leak in triggered buffer The 'data' local struct is u… https://t.co/sttMbhpnv8
@CVEnew
19 Jan 2025
125 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FA3C66F8-143F-4897-962F-C1A8BDDD46CD",
"versionEndExcluding": "6.6.72",
"versionStartIncluding": "5.9"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "02D604F6-10D1-4F7B-A022-0888406A1121",
"versionEndExcluding": "6.12.10",
"versionStartIncluding": "6.7"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "62567B3C-6CEE-46D0-BC2E-B3717FBF7D13"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A073481-106D-4B15-B4C7-FB0213B8E1D4"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DE491969-75AE-4A6B-9A58-8FC5AF98798F"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "93C0660D-7FB8-4FBA-892A-B064BA71E49E"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "034C36A6-C481-41F3-AE9A-D116E5BE6895"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8AF9DC49-2085-4FFB-A7E3-73DFAFECC7F2"
}
],
"operator": "OR"
}
]
}
]