CVE-2024-57905

Jan. 19, 2025, 12:15 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads1119: fix information leak in triggered buffer The 'scan' local struct is used to push data to user space from a triggered buffer, but it has a hole between the sample (unsigned int) and the timestamp. This hole is never initialized. Initialize the struct to zero before using it to avoid pushing uninitialized information to userspace.

Product(s) Impacted

Product Versions
Linux Kernel

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/2f1687cca911a2f294313c762e0646cd9e7be8cc
https://git.kernel.org/stable/c/75f339d3ecd38cb1ce05357d647189d4a7f7ed08

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2025-01-19
CVE-2024-57905

Timeline

Published: Jan. 19, 2025, 12:15 p.m.
Last Modified: Jan. 19, 2025, 12:15 p.m.

Status : Undergoing Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.