PT-2025-3635 · Linux+7 · Linux Kernel+7

Javier Carrasco · Published 2024-12-07 · Updated 2025-10-03 · CVE-2024-57910

CVSS v3.1: 7.1 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.6.74

Description

The issue is an information leak in the triggered buffer of the Linux kernel's iio: light: vcnl4035 driver. The 'buffer' local array is used to push data to userspace from a triggered buffer, but no initial value is set for its single data element, which is a u16 aligned to 8 bytes. This leaves at least 4 bytes uninitialized even after an integer value is written with regmap_read(). Initializing the array to zero before using it avoids pushing uninitialized information to userspace.

Recommendations

For Linux kernel versions prior to 6.6.74, update to version 6.6.74 or later to resolve the issue. As a temporary workaround, consider initializing the 'buffer' local array to zero before using it to avoid pushing uninitialized information to userspace. Restrict access to the vulnerable iio: light: vcnl4035 driver until the update is applied.
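The layout problem described above can be reproduced in userspace. The following is an added example, not the driver's code: it models the scan as an 8-byte data slot followed by an 8-byte timestamp, and uses a poison byte to stand in for stale stack contents. The names build_scan, stale_bytes, SLOT and POISON and the sample values are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SLOT       8                          /* u16 sample padded to 8-byte alignment */
#define SCAN_BYTES (SLOT + sizeof(int64_t))   /* data slot + timestamp (assumed layout) */
#define POISON     0xA5                       /* stands in for stale stack contents */

/* Model of filling the scan; zero_first selects the fixed behaviour. */
static void build_scan(uint8_t *scan, int zero_first, uint32_t als, int64_t ts)
{
    memset(scan, POISON, SCAN_BYTES);         /* simulate whatever was on the stack */
    if (zero_first)
        memset(scan, 0, SCAN_BYTES);          /* the fix: initialise before use */
    memcpy(scan, &als, sizeof(als));          /* regmap_read() stores a 4-byte integer */
    memcpy(scan + SLOT, &ts, sizeof(ts));     /* timestamp fills the last 8 bytes */
}

/* Count bytes that would reach userspace without ever being written. */
static size_t stale_bytes(int zero_first)
{
    uint8_t scan[SCAN_BYTES];
    size_t i, n = 0;

    /* Constructed sample values; none of their bytes equals POISON. */
    build_scan(scan, zero_first, 0x0123u, 0x1122334455667788LL);
    for (i = 0; i < SCAN_BYTES; i++)
        if (scan[i] == POISON)
            n++;
    return n;
}

int main(void)
{
    printf("uninitialised: %zu stale bytes in the scan\n", stale_bytes(0));
    printf("zero-initialised: %zu stale bytes in the scan\n", stale_bytes(1));
    return 0;
}
```

The stale bytes sit between the end of the 4-byte register value and the start of the timestamp, which is why writing the sample alone does not cover the whole slot.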

Exploit

Fix

Use of Uninitialized Resource


Weakness Enumeration

Related Identifiers

ALT-PU-2025-12647
ALT-PU-2025-2417
ALT-PU-2025-2716
ALT-PU-2025-2718
ALT-PU-2025-3122
ALT-PU-2025-3467
ALT-PU-2025-3500
ALT-PU-2025-5437
BDU:2025-02791
CVE-2024-57910
DLA-4075-1
DLA-4076-1
DSA-5860-1
MGASA-2025-0030
MGASA-2025-0032
OESA-2025-1093
OESA-2025-1097
OESA-2025-1113
OESA-2025-1114
OPENSUSE-SU-2025_0428-1
OPENSUSE-SU-2025_0499-1
OPENSUSE-SU-2025_0557-1
SUSE-SU-2025:0289-1
SUSE-SU-2025:0428-1
SUSE-SU-2025:0499-1
SUSE-SU-2025:0557-1
SUSE-SU-2025:20165-1
SUSE-SU-2025:20166-1
SUSE-SU-2025:20248-1
SUSE-SU-2025:20249-1
SUSE-SU-2025_0428-1
SUSE-SU-2025_0499-1
SUSE-SU-2025_0557-1
USN-7379-1
USN-7379-2
USN-7380-1
USN-7381-1
USN-7382-1
USN-7387-1
USN-7387-2
USN-7387-3
USN-7388-1
USN-7389-1
USN-7390-1
USN-7391-1
USN-7392-1
USN-7392-2
USN-7392-3
USN-7392-4
USN-7393-1
USN-7401-1
USN-7407-1
USN-7413-1
USN-7421-1
USN-7458-1
USN-7459-1
USN-7459-2
USN-7463-1
USN-7513-1
USN-7513-2
USN-7513-3
USN-7513-4
USN-7513-5
USN-7514-1
USN-7515-1
USN-7515-2
USN-7522-1
USN-7523-1
USN-7524-1
USN-7539-1
USN-7540-1

Affected Products

ALT Linux
Astra Linux
Debian
Linux Mint
Linux Kernel
RED OS
SUSE
Ubuntu