CVE-2024-57911
Published: Jan 19, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer The 'data' array is allocated via kmalloc() and it is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. Use kzalloc for the memory allocation to avoid pushing uninitialized information to userspace.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 415f792447572ef1949a3cef5119bbce8cc66373 - < 03fa47621bf8fcbf5994c5716021527853f9af3daffected 415f792447572ef1949a3cef5119bbce8cc66373 - < e1c1e8c05010103c9c9ea3e9c4304b0b7e2c8e4aaffected 415f792447572ef1949a3cef5119bbce8cc66373 - < 006073761888a632c5d6f93e47c41760fa627f77affected 415f792447572ef1949a3cef5119bbce8cc66373 - < b0642d9c871aea1f28eb02cd84d60434df594f67affected 415f792447572ef1949a3cef5119bbce8cc66373 - < 74058395b2c63c8a438cf199d09094b640f8c7f4+2 more versions |
Linux | Linux | affected 4.5unaffected 0 - < 4.5unaffected 5.4.290 - <= 5.4.*unaffected 5.10.234 - <= 5.10.*unaffected 5.15.177 - <= 5.15.*+4 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now