{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-39786", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T07:20:57.131Z", "datePublished": "2025-09-11T16:56:35.706Z", "dateUpdated": "2025-09-29T05:59:23.280Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-09-29T05:59:23.280Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: adc: ad7173: fix channels index for syscalib_mode\n\nFix the index used to look up the channel when accessing the\nsyscalib_mode attribute. The address field is a 0-based index (same\nas scan_index) that it used to access the channel in the\nad7173_channels array throughout the driver. The channels field, on\nthe other hand, may not match the address field depending on the\nchannel configuration specified in the device tree and could result\nin an out-of-bounds access."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/iio/adc/ad7173.c"], "versions": [{"version": "031bdc8aee01b7b298159eee541844d8bff4467d", "lessThan": "2def1a8691eb43654da0ae0d2fdb3722e20262a5", "status": "affected", "versionType": "git"}, {"version": "031bdc8aee01b7b298159eee541844d8bff4467d", "lessThan": "0eb8d7b25397330beab8ee62c681975b79f37223", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/iio/adc/ad7173.c"], "versions": [{"version": "6.14", "status": "affected"}, {"version": "0", "lessThan": "6.14", "status": "unaffected", "versionType": "semver"}, {"version": "6.16.4", "lessThanOrEqual": "6.16.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.17", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.14", "versionEndExcluding": "6.16.4"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.14", "versionEndExcluding": "6.17"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/2def1a8691eb43654da0ae0d2fdb3722e20262a5"}, {"url": "https://git.kernel.org/stable/c/0eb8d7b25397330beab8ee62c681975b79f37223"}], "title": "iio: adc: ad7173: fix channels index for syscalib_mode", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "193583C3-9388-4FFF-8341-D8DC6D763A1D", "versionEndExcluding": "6.16.4", "versionStartIncluding": "6.14", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: adc: ad7173: fix channels index for syscalib_mode\n\nFix the index used to look up the channel when accessing the\nsyscalib_mode attribute. The address field is a 0-based index (same\nas scan_index) that it used to access the channel in the\nad7173_channels array throughout the driver. The channels field, on\nthe other hand, may not match the address field depending on the\nchannel configuration specified in the device tree and could result\nin an out-of-bounds access."}], "id": "CVE-2025-39786", "lastModified": "2025-11-25T18:44:51.740", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-09-11T17:15:44.770", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/0eb8d7b25397330beab8ee62c681975b79f37223"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2def1a8691eb43654da0ae0d2fdb3722e20262a5"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: iio: adc: ad7173: fix channels index for syscalib_mode", "id": "2394628", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2394628"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["No description is available for this CVE."], "name": "CVE-2025-39786", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-09-11T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-39786\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-39786\nhttps://lore.kernel.org/linux-cve-announce/2025091151-CVE-2025-39786-96c9@gregkh/T"], "threat_severity": "Moderate"}

{"created": "2025-09-12T08:02:41.247716+00:00", "updated": "2025-09-12T08:02:41.247770+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}