CVE-2024-57910

In the Linux kernel, the following vulnerability has been resolved: iio: light: vcnl4035: fix information leak in triggered buffer The 'buffer' local array is used to push data to userspace from a triggered buffer, but it does not set an initial value for the single data element, which is an u16 aligned to 8 bytes. That leaves at least 4 bytes uninitialized even after writing an integer value with regmap_read(). Initialize the array to zero before using it to avoid pushing uninitialized information to userspace.

CVSS v3 7.1 HIGH

7.1^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/13e56229fc81051a42731046e200493c4a7c28ff	Patch
https://git.kernel.org/stable/c/47b43e53c0a0edf5578d5d12f5fc71c019649279	Patch
https://git.kernel.org/stable/c/47d245be86492974db3aeb048609542167f56518	Patch
https://git.kernel.org/stable/c/a15ea87d4337479c9446b5d71616f4668337afed	Patch
https://git.kernel.org/stable/c/b0e9c11c762e4286732d80e66c08c2cb3157b06b	Patch
https://git.kernel.org/stable/c/cb488706cdec0d6d13f2895bcdf0c32b283a7cc7	Patch
https://git.kernel.org/stable/c/f6fb1c59776b4263634c472a5be8204c906ffc2c	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc6::::::

History

03 Feb 2025, 14:48

Type	Values Removed	Values Added
References	~~() https://git.kernel.org/stable/c/13e56229fc81051a42731046e200493c4a7c28ff -~~	() https://git.kernel.org/stable/c/13e56229fc81051a42731046e200493c4a7c28ff - Patch
References	~~() https://git.kernel.org/stable/c/47b43e53c0a0edf5578d5d12f5fc71c019649279 -~~	() https://git.kernel.org/stable/c/47b43e53c0a0edf5578d5d12f5fc71c019649279 - Patch
References	~~() https://git.kernel.org/stable/c/47d245be86492974db3aeb048609542167f56518 -~~	() https://git.kernel.org/stable/c/47d245be86492974db3aeb048609542167f56518 - Patch
References	~~() https://git.kernel.org/stable/c/a15ea87d4337479c9446b5d71616f4668337afed -~~	() https://git.kernel.org/stable/c/a15ea87d4337479c9446b5d71616f4668337afed - Patch
References	~~() https://git.kernel.org/stable/c/b0e9c11c762e4286732d80e66c08c2cb3157b06b -~~	() https://git.kernel.org/stable/c/b0e9c11c762e4286732d80e66c08c2cb3157b06b - Patch
References	~~() https://git.kernel.org/stable/c/cb488706cdec0d6d13f2895bcdf0c32b283a7cc7 -~~	() https://git.kernel.org/stable/c/cb488706cdec0d6d13f2895bcdf0c32b283a7cc7 - Patch
References	~~() https://git.kernel.org/stable/c/f6fb1c59776b4263634c472a5be8204c906ffc2c -~~	() https://git.kernel.org/stable/c/f6fb1c59776b4263634c472a5be8204c906ffc2c - Patch
CWE		CWE-908
CPE		cpe:2.3:o:linux:linux_kernel:6.13:rc5:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc4:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.13:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc6:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc3::::::
First Time		Linux linux Kernel Linux
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.1

02 Feb 2025, 11:15

Type	Values Removed	Values Added
References		() https://git.kernel.org/stable/c/13e56229fc81051a42731046e200493c4a7c28ff - () https://git.kernel.org/stable/c/b0e9c11c762e4286732d80e66c08c2cb3157b06b -

23 Jan 2025, 17:15

Type	Values Removed	Values Added
References		() https://git.kernel.org/stable/c/cb488706cdec0d6d13f2895bcdf0c32b283a7cc7 -
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iio: light: vcnl4035: corrige la fuga de información en el búfer activado La matriz local 'buffer' se utiliza para enviar datos al espacio de usuario desde un búfer activado, pero no establece un valor inicial para el elemento de datos único, que es un u16 alineado a 8 bytes. Eso deja al menos 4 bytes sin inicializar incluso después de escribir un valor entero con regmap_read(). Inicialice la matriz a cero antes de usarla para evitar enviar información no inicializada al espacio de usuario.

19 Jan 2025, 12:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-19 12:15

Updated : 2025-02-03 14:48

NVD link : CVE-2024-57910

Mitre link : CVE-2024-57910

CVE.ORG link : CVE-2024-57910

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-908

Use of Uninitialized Resource

7.1 /10