CVE-2024-57912
Published: Jan 19, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: iio: pressure: zpa2326: fix information leak in triggered buffer The 'sample' local struct is used to push data to user space from a triggered buffer, but it has a hole between the temperature and the timestamp (u32 pressure, u16 temperature, GAP, u64 timestamp). This hole is never initialized. Initialize the struct to zero before using it to avoid pushing uninitialized information to userspace.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 03b262f2bbf43b82eaef82ffb3bc671d5b5c8da1 - < 9629ff1a86823269b12fb1ba9ca4efa945906287affected 03b262f2bbf43b82eaef82ffb3bc671d5b5c8da1 - < d25f1fc273670271412a52a1efbdaf5dcf274ed8affected 03b262f2bbf43b82eaef82ffb3bc671d5b5c8da1 - < 64a989aa7475b8e76e69b9ec86819ea293e53babaffected 03b262f2bbf43b82eaef82ffb3bc671d5b5c8da1 - < b7849f62e61242e0e02c776e1109eb81e59c567caffected 03b262f2bbf43b82eaef82ffb3bc671d5b5c8da1 - < fefb88a4da961a0b9c2473cbdcfce1a942fcfa9a+2 more versions |
Linux | Linux | affected 4.9unaffected 0 - < 4.9unaffected 5.4.290 - <= 5.4.*unaffected 5.10.234 - <= 5.10.*unaffected 5.15.177 - <= 5.15.*+4 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now