CVE-2025-39687 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved:

iio: light: as73211: Ensure buffer holes are zeroed

Given that the buffer is copied to a kfifo that ultimately user space
can read, ensure we zero it.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/433b99e922943efdfd62b9a8e3ad1604838181f2
https://git.kernel.org/stable/c/83f14c4ca1ad78fcfb3e0de07d6d8a0c59550fc2
https://git.kernel.org/stable/c/8acd9a0eaa8c9a28e385c0a6a56bb821cb549771
https://git.kernel.org/stable/c/99b508340d0d1b9de0856c48c77898b14c0df7cf
https://git.kernel.org/stable/c/cce55ca4e7a221d5eb2c0b757a868eacd6344e4a
https://git.kernel.org/stable/c/d8c5d87a431596e0e02bd7fe3bff952b002a03bb
https://git.kernel.org/stable/c/fd441fd972067f80861a0b66605c0febb0d038dd

History

Fri, 05 Sep 2025 17:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: iio: light: as73211: Ensure buffer holes are zeroed Given that the buffer is copied to a kfifo that ultimately user space can read, ensure we zero it.
Title		iio: light: as73211: Ensure buffer holes are zeroed
References		https://git.kernel.org/stable/c/433b99e922943efdfd62b9a8e3ad1604838181f2 https://git.kernel.org/stable/c/83f14c4ca1ad78fcfb3e0de07d6d8a0c59550fc2 https://git.kernel.org/stable/c/8acd9a0eaa8c9a28e385c0a6a56bb821cb549771 https://git.kernel.org/stable/c/99b508340d0d1b9de0856c48c77898b14c0df7cf https://git.kernel.org/stable/c/cce55ca4e7a221d5eb2c0b757a868eacd6344e4a https://git.kernel.org/stable/c/d8c5d87a431596e0e02bd7fe3bff952b002a03bb https://git.kernel.org/stable/c/fd441fd972067f80861a0b66605c0febb0d038dd

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-09-05T17:20:54.154Z

Updated: 2025-09-05T17:20:54.154Z

Reserved: 2025-04-16T07:20:57.113Z

Link: CVE-2025-39687

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-09-05T18:15:45.433

Modified: 2025-09-05T18:15:45.433

Link: CVE-2025-39687

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-39687", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T07:20:57.113Z", "datePublished": "2025-09-05T17:20:54.154Z", "dateUpdated": "2025-09-05T17:20:54.154Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-09-05T17:20:54.154Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: light: as73211: Ensure buffer holes are zeroed\n\nGiven that the buffer is copied to a kfifo that ultimately user space\ncan read, ensure we zero it."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/iio/light/as73211.c"], "versions": [{"version": "403e5586b52e466893ce3a7b7f3a3ecdc4c82d3e", "lessThan": "fd441fd972067f80861a0b66605c0febb0d038dd", "status": "affected", "versionType": "git"}, {"version": "403e5586b52e466893ce3a7b7f3a3ecdc4c82d3e", "lessThan": "d8c5d87a431596e0e02bd7fe3bff952b002a03bb", "status": "affected", "versionType": "git"}, {"version": "403e5586b52e466893ce3a7b7f3a3ecdc4c82d3e", "lessThan": "83f14c4ca1ad78fcfb3e0de07d6d8a0c59550fc2", "status": "affected", "versionType": "git"}, {"version": "403e5586b52e466893ce3a7b7f3a3ecdc4c82d3e", "lessThan": "99b508340d0d1b9de0856c48c77898b14c0df7cf", "status": "affected", "versionType": "git"}, {"version": "403e5586b52e466893ce3a7b7f3a3ecdc4c82d3e", "lessThan": "cce55ca4e7a221d5eb2c0b757a868eacd6344e4a", "status": "affected", "versionType": "git"}, {"version": "403e5586b52e466893ce3a7b7f3a3ecdc4c82d3e", "lessThan": "8acd9a0eaa8c9a28e385c0a6a56bb821cb549771", "status": "affected", "versionType": "git"}, {"version": "403e5586b52e466893ce3a7b7f3a3ecdc4c82d3e", "lessThan": "433b99e922943efdfd62b9a8e3ad1604838181f2", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/iio/light/as73211.c"], "versions": [{"version": "5.10", "status": "affected"}, {"version": "0", "lessThan": "5.10", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.241", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.190", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.149", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.103", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.44", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.16.4", "lessThanOrEqual": "6.16.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.17-rc3", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10", "versionEndExcluding": "5.10.241"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10", "versionEndExcluding": "5.15.190"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10", "versionEndExcluding": "6.1.149"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10", "versionEndExcluding": "6.6.103"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10", "versionEndExcluding": "6.12.44"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10", "versionEndExcluding": "6.16.4"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10", "versionEndExcluding": "6.17-rc3"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/fd441fd972067f80861a0b66605c0febb0d038dd"}, {"url": "https://git.kernel.org/stable/c/d8c5d87a431596e0e02bd7fe3bff952b002a03bb"}, {"url": "https://git.kernel.org/stable/c/83f14c4ca1ad78fcfb3e0de07d6d8a0c59550fc2"}, {"url": "https://git.kernel.org/stable/c/99b508340d0d1b9de0856c48c77898b14c0df7cf"}, {"url": "https://git.kernel.org/stable/c/cce55ca4e7a221d5eb2c0b757a868eacd6344e4a"}, {"url": "https://git.kernel.org/stable/c/8acd9a0eaa8c9a28e385c0a6a56bb821cb549771"}, {"url": "https://git.kernel.org/stable/c/433b99e922943efdfd62b9a8e3ad1604838181f2"}], "title": "iio: light: as73211: Ensure buffer holes are zeroed", "x_generator": {"engine": "bippy-1.2.0"}}}}