Linux · Linux Kernel · CVE-2024-46715
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
The issue is related to missing checks on `iio info`'s callback access in the Linux kernel. Some callbacks from the `iio info` structure are accessed without any check, leading to a kernel oops when a driver doesn't implement them and tries to access the corresponding sysfs entries. This results in a NULL pointer dereference at a virtual address. The call trace includes functions such as `iio read channel info avail`, `dev attr show`, `sysfs kf seq show`, `seq read iter`, `vfs read`, and `ksys read`.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.