CVE-2024-50198

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A vulnerability in the Linux kernel has been fixed, related to the iio: light: veml6030 driver. The issue arises from the in illuminance period available show function, where the dev pointer references the device embedded in the IIO device, not the i2c client. This leads to a segmentation fault when attempting to read the attribute due to a NULL assignment to indio dev. The bug has been present since the driver's first appearance, apparently since version V6.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.