QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2024-57910

Back to search

CVE-2024-57910

Published: Jan 19, 2025

Modified: May 23, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: iio: light: vcnl4035: fix information leak in triggered buffer The 'buffer' local array is used to push data to userspace from a triggered buffer, but it does not set an initial value for the single data element, which is an u16 aligned to 8 bytes. That leaves at least 4 bytes uninitialized even after writing an integer value with regmap_read(). Initialize the array to zero before using it to avoid pushing uninitialized information to userspace.

VendorProductVersions

Linux

Linux

affected
da8ef748fec2d55db0ae424ab40eee0c737564aa - < 13e56229fc81051a42731046e200493c4a7c28ff
affected
49739675048d372946c1ef136c466d5675eba9f0 - < b0e9c11c762e4286732d80e66c08c2cb3157b06b
affected
ec90b52c07c0403a6db60d752484ec08d605ead0 - < cb488706cdec0d6d13f2895bcdf0c32b283a7cc7
affected
ec90b52c07c0403a6db60d752484ec08d605ead0 - < 47d245be86492974db3aeb048609542167f56518
affected
ec90b52c07c0403a6db60d752484ec08d605ead0 - < a15ea87d4337479c9446b5d71616f4668337afed

+8 more versions

Linux

Linux

affected
5.14
unaffected
0 - < 5.14
unaffected
5.4.290 - <= 5.4.*
unaffected
5.10.234 - <= 5.10.*
unaffected
5.15.177 - <= 5.15.*

+4 more versions

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now
CVE-2024-57910 - Security Vulnerability | QwikSec