CVE-2025-40221
Linux Kernel - Information Exposure via Uninitialized Stack Data in mg4b Driver
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: media: pci: mg4b: fix uninitialized iio scan data Fix potential leak of uninitialized stack data to userspace by ensuring that the `scan` structure is zeroed before use.
References (3)
Core 3
Scores
EPSS
0.0016
EPSS Percentile
5.6%
Details
Status
published
Products (10)
linux/Kernel
6.13.0 - 6.17.4linux
linux/Kernel
6.7.0 - 6.12.54linux
Linux/Linux
< 6.7
Linux/Linux
0ab13674a9bd10514486cf1670d71dbd8afec421 - b792eba44494b4e6ab5006013335f9819f303b8b
Linux/Linux
0ab13674a9bd10514486cf1670d71dbd8afec421 - b7f82da7f86479cb6479a76ebe213ece7c77398f
Linux/Linux
0ab13674a9bd10514486cf1670d71dbd8afec421 - c0d3f6969bb4d72476cfe7ea9263831f1c283704
Linux/Linux
6.12.54 - 6.12.*
Linux/Linux
6.17.4 - 6.17.*
Linux/Linux
6.18
Linux/Linux
6.7
Published
Dec 04, 2025
Tracked Since
Feb 18, 2026