CVE-2025-38485

HIGH

Linux Kernel 5.14-6.1.147 6.2-6.6.100 6.7-6.12.40 6.13-6.15.8 - Use-After-Free in fxls8962af_fifo_flush

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush fxls8962af_fifo_flush() uses indio_dev->active_scan_mask (with iio_for_each_active_channel()) without making sure the indio_dev stays in buffer mode. There is a race if indio_dev exits buffer mode in the middle of the interrupt that flushes the fifo. Fix this by calling synchronize_irq() to ensure that no interrupt is currently running when disabling buffer mode. Unable to handle kernel NULL pointer dereference at virtual address 00000000 when read [...] _find_first_bit_le from fxls8962af_fifo_flush+0x17c/0x290 fxls8962af_fifo_flush from fxls8962af_interrupt+0x80/0x178 fxls8962af_interrupt from irq_thread_fn+0x1c/0x7c irq_thread_fn from irq_thread+0x110/0x1f4 irq_thread from kthread+0xe0/0xfc kthread from ret_from_fork+0x14/0x2c

References (6)

Core 6

Scores

CVSS v3 7.8
EPSS 0.0007
EPSS Percentile 21.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-416
Status published
Products (19)
debian/debian_linux 11.0
linux/Kernel 5.14.0 - 6.1.147linux
linux/Kernel 6.13.0 - 6.15.8linux
linux/Kernel 6.2.0 - 6.6.100linux
linux/Kernel 6.7.0 - 6.12.40linux
Linux/Linux < 5.14
Linux/Linux 5.14
Linux/Linux 6.1.147 - 6.1.*
Linux/Linux 6.12.40 - 6.12.*
Linux/Linux 6.15.8 - 6.15.*
... and 9 more
Published Jul 28, 2025
Tracked Since Feb 18, 2026