CVE-2025-40221

Published: Dec 4, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: media: pci: mg4b: fix uninitialized iio scan data Fix potential leak of uninitialized stack data to userspace by ensuring that the `scan` structure is zeroed before use.

Vendor	Product	Versions
Linux	Linux	affected `0ab13674a9bd10514486cf1670d71dbd8afec421 - < b7f82da7f86479cb6479a76ebe213ece7c77398f` affected `0ab13674a9bd10514486cf1670d71dbd8afec421 - < b792eba44494b4e6ab5006013335f9819f303b8b` affected `0ab13674a9bd10514486cf1670d71dbd8afec421 - < c0d3f6969bb4d72476cfe7ea9263831f1c283704`
Linux	Linux	affected `6.7` unaffected `0 - < 6.7` unaffected `6.12.54 - <= 6.12.` unaffected `6.17.4 - <= 6.17.` unaffected `6.18 - <= *`

References

https://git.kernel.org/stable/c/b7f82da7f86479cb6479a76ebe213ece7c77398f

https://git.kernel.org/stable/c/b792eba44494b4e6ab5006013335f9819f303b8b

https://git.kernel.org/stable/c/c0d3f6969bb4d72476cfe7ea9263831f1c283704

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-40221

Description

Affected Products

References