CVE-2025-39719

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-39719
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-39719.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-39719
Downstream
Related
Published
2025-09-05T17:21:26.952Z
Modified
2026-03-20T12:43:01.142601Z
Summary
iio: imu: bno055: fix OOB access of hw_xlate array
Details

In the Linux kernel, the following vulnerability has been resolved:

iio: imu: bno055: fix OOB access of hw_xlate array

Fix a potential out-of-bounds array access of the hw_xlate array in bno055.c.

In bno055getregmask(), hwxlate was iterated over the length of the vals array instead of the length of the hwxlate array. In the case of bno055gyrscale, the vals array is larger than the hwxlate array, so this could result in an out-of-bounds access. In practice, this shouldn't happen though because a match should always be found which breaks out of the for loop before it iterates beyond the end of the hwxlate array.

By adding a new hwxlatelen field to the bno055sysfsattr, we can be sure we are iterating over the correct length.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/39xxx/CVE-2025-39719.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
4aefe1c2bd0cb0223130671d459cd16efa3d3462
Fixed
a0691ab6334f1769acc64ea9e319414a682ff45d
Fixed
50e823a23816b792daf6e8405f8d6045952bb90e
Fixed
4808ca3aa30ae857454d0b41d2d0bf161a312b45
Fixed
5c2b601922c064f7be70ae8621277f18d1ffec59
Fixed
399b883ec828e436f1a721bf8551b4da8727e65b

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-39719.json"