CVE-2024-57908

Source
https://cve.org/CVERecord?id=CVE-2024-57908
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-57908.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-57908
Published
2025-01-19T11:52:31.714Z
Modified
2026-03-20T12:41:03.399983Z
Severity
  • 7.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Summary
iio: imu: kmx61: fix information leak in triggered buffer
Details

In the Linux kernel, the following vulnerability has been resolved:

iio: imu: kmx61: fix information leak in triggered buffer

The 'buffer' local array is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values.

Initialize the array to zero before using it to avoid pushing uninitialized information to userspace.
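
The pattern described above, reduced to a user-space C sketch (an added example, not the kernel driver's code or the upstream patch). The channel count, buffer size, read_axis() and the STALE marker are assumptions made for illustration; the marker stands in for leftover stack contents so the result is deterministic.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NUM_CHANNELS 3       /* constructed: x, y, z axes */
#define SCAN_WORDS   8       /* constructed: samples plus timestamp padding */
#define STALE        0xA5A5  /* stands in for leftover stack contents */

/* Hypothetical stand-in for a sensor register read. */
static int16_t read_axis(int ch) { return (int16_t)(100 * (ch + 1)); }

/*
 * Build one scan the way the advisory describes: only channels whose bit is
 * set in active_mask are written, packed from index 0. When zero_first is
 * set, the buffer is cleared before use (the fix the advisory describes).
 * Returns the number of words that still hold stale data.
 */
static int build_scan(uint16_t *buf, unsigned active_mask, int zero_first)
{
    int i = 0, ch, leaked = 0;

    /* Simulate an uninitialized local array deterministically. */
    for (ch = 0; ch < SCAN_WORDS; ch++)
        buf[ch] = STALE;

    if (zero_first)
        memset(buf, 0, SCAN_WORDS * sizeof(*buf));

    for (ch = 0; ch < NUM_CHANNELS; ch++)
        if (active_mask & (1u << ch))
            buf[i++] = (uint16_t)read_axis(ch);

    /* The whole buffer is what gets pushed to the consumer. */
    for (ch = 0; ch < SCAN_WORDS; ch++)
        if (buf[ch] == STALE)
            leaked++;
    return leaked;
}

int main(void)
{
    uint16_t buf[SCAN_WORDS];

    printf("unfixed, 1 of 3 channels active: %d stale words\n",
           build_scan(buf, 0x2, 0));
    printf("fixed,   1 of 3 channels active: %d stale words\n",
           build_scan(buf, 0x2, 1));
    return 0;
}
```

Even with every channel enabled, the unfixed path leaves the trailing words untouched, which is why clearing the whole array before the loop is the robust fix.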

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/57xxx/CVE-2024-57908.json",
    "cna_assigner": "Linux"
}
Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
c3a23ecc0901f624b681bbfbc4829766c5aa3070
Fixed
0871eb8d700b33dd7fa86c80630d62ddaef58c2c
Fixed
a386d9d2dc6635f2ec210b8199cfb3acf4d31305
Fixed
a07f698084412a3ef5e950fcac1d6b0f53289efd
Fixed
6985ba4467e4b15b809043fa7740d1fb23a1897b
Fixed
cde312e257b59ecaa0fad3af9ec7e2370bb24639
Fixed
565814cbbaa674d2901428796801de49a611e59d
Fixed
6ae053113f6a226a2303caa4936a4c37f3bfff7b

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-57908.json"