In the Linux kernel, the following vulnerability has been resolved:
iio: common: st_sensors: Fix use of uninitialize device structs
Throughout the various probe functions &indio_dev->dev is used before it
is initialized. This caused a kernel panic in st_sensors_power_enable()
when the call to devm_regulator_bulk_get_enable() fails and then calls
dev_err_probe() with the uninitialized device.
This seems to only cause a panic with dev_err_probe(), dev_err(),
dev_warn() and dev_info() don't seem to cause a panic, but are fixed
as well.
The issue is reported and traced here: [1]
CVSS
No CVSS.
References
Configurations
No configuration.
History
16 Aug 2025, 12:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-08-16 12:15
Updated : 2025-08-16 12:15
NVD link : CVE-2025-38531
Mitre link : CVE-2025-38531
CVE.ORG link : CVE-2025-38531
JSON object : View
Products Affected
No product.
CWE
No CWE.