CVE-2026-23092

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An out-of-bounds write issue exists in the IIO DAC AD3552R-HS driver within the Linux kernel. The issue occurs because the code incorrectly uses a potentially oversized 'count' value as an index for null termination within the simple write to buffer() function, leading to a write beyond the allocated buffer boundaries when the count exceeds the buffer size. The bug was identified through static analysis and validated using a demo module and QEMU. Specifically, writing 128 bytes to a 64-byte stack buffer triggers the out-of-bounds write, as reported by KASAN. The vulnerable code attempts to null-terminate the buffer at buf[count], where count can be greater than the buffer's capacity.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.