CVE-2024-56557

MEDIUM

Linux kernel - Buffer Overflow

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7923: Fix buffer overflow for tx_buf and ring_xfer The AD7923 was updated to support devices with 8 channels, but the size of tx_buf and ring_xfer was not increased accordingly, leading to a potential buffer overflow in ad7923_update_scan_mode().

References (6)

Core 6

Core References

Mailing List

https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html

https://git.kernel.org/stable/c/6e4d236d9c4b38571c394d3ab6e85dfb71c33ed3

Patch

https://git.kernel.org/stable/c/00663d3e000c31d0d49ef86a809f5c107c2d09cd

Patch

https://git.kernel.org/stable/c/218ecc35949129171ca39bcc0d407c8dc4cd0bbc

Patch

https://git.kernel.org/stable/c/3a4187ec454e19903fd15f6e1825a4b84e59a4cd

Patch

https://git.kernel.org/stable/c/e5cac32721997cb8bcb208a29f4598b3faf46338

Scores

CVSS v3 5.5

EPSS 0.0001

EPSS Percentile 0.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-120

Status published

Products (16)

linux/Kernel 5.6.0 - 6.1.120linux

linux/Kernel 6.2.0 - 6.6.64linux

linux/Kernel 6.7.0 - 6.12.4linux

Linux/Linux < 5.6

Linux/Linux 5.15.203 - 5.15.*

Linux/Linux 5.6

Linux/Linux 6.1.120 - 6.1.*

Linux/Linux 6.12.4 - 6.12.*

Linux/Linux 6.13

Linux/Linux 6.6.64 - 6.6.*

... and 6 more

Published Dec 27, 2024

Tracked Since Feb 18, 2026