Description
In the Linux kernel, the following vulnerability has been resolved:

iio: imu: adis: Fix NULL pointer dereference in adis_init

The adis_init() function dereferences adis->ops to check if the
individual function pointers (write, read, reset) are NULL, but does
not first check if adis->ops itself is NULL.

Drivers like adis16480, adis16490, adis16545 and others do not set
custom ops and rely on adis_init() assigning the defaults. Since struct
adis is zero-initialized by devm_iio_device_alloc(), adis->ops is NULL
when adis_init() is called, causing a NULL pointer dereference:

Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000
pc : adis_init+0xc0/0x118
Call trace:
adis_init+0xc0/0x118
adis16480_probe+0xe0/0x670

Fix this by checking if adis->ops is NULL before dereferencing it,
falling through to assign the default ops in that case.
Published: 2026-05-08
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability arises from a NULL pointer dereference in the adis driver initialization routine. When the driver initialization runs, it presumes an operation structure is present and immediately dereferences it to inspect function pointers. If that ops pointer is null—as occurs when the driver has not yet provided custom operations—a kernel panic occurs. This outcome results in a loss of kernel stability, effectively denying service to the host. The weakness corresponds to a classic Null Pointer Dereference. Based on the description, it is inferred that the attack vector involves local or privileged interaction with the ADIS driver during its initialization.

Affected Systems

All Linux kernel installations that include the IIO IMU drivers for ADIS devices such as adis16480, adis16490, adis16545, and related sensors are affected. The flaw exists in any kernel that incorporates these drivers without the recent patch, regardless of distribution or vendor kernel version. The precise range of affected kernel versions is not specified in the advisory, but any build compiled with the unpatched code is vulnerable.

Risk and Exploitability

The CVE description does not specify an attack vector. Based on the description, it is inferred that exploitation requires local or privileged interaction with the ADIS driver during its initialization. The exploit path requires access to the device driver subsystem, which generally implies local or privileged access to the machine. No public exploits or vulnerability exploitation guide are known, and the EPSS score is 0.00022, indicating a very low probability of exploitation, so the likelihood of an attacker successfully leveraging this flaw is uncertain. The issue is not listed in the CISA Known Exploited Vulnerabilities catalog. Nonetheless, the kernel crash could be triggered by a malicious device or software component that interacts with the ADIS sensors, so the risk remains significant for systems that rely on persistent availability. The CVSS score of 5.5 indicates moderate severity.

Generated by OpenCVE AI on May 15, 2026 at 18:36 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the kernel to a version containing the adis NULL pointer dereference fix, or apply the specific commit that adds the NULL check to adis_init; obtain the patch from the commit referenced in the advisory links.
  • Rebuild or reinstall the affected IIO drivers using the patched source so that the default operation structure is correctly assigned.
  • Temporarily blacklist or unload the adis kernel modules until the kernel is updated to avoid panic if the sensor is present.

Generated by OpenCVE AI on May 15, 2026 at 18:36 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 15 May 2026 16:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

Tue, 12 May 2026 00:15:00 +0000

Type Values Removed Values Added
References

Fri, 08 May 2026 18:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476

Fri, 08 May 2026 14:45:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: iio: imu: adis: Fix NULL pointer dereference in adis_init The adis_init() function dereferences adis->ops to check if the individual function pointers (write, read, reset) are NULL, but does not first check if adis->ops itself is NULL. Drivers like adis16480, adis16490, adis16545 and others do not set custom ops and rely on adis_init() assigning the defaults. Since struct adis is zero-initialized by devm_iio_device_alloc(), adis->ops is NULL when adis_init() is called, causing a NULL pointer dereference: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 pc : adis_init+0xc0/0x118 Call trace: adis_init+0xc0/0x118 adis16480_probe+0xe0/0x670 Fix this by checking if adis->ops is NULL before dereferencing it, falling through to assign the default ops in that case.
Title iio: imu: adis: Fix NULL pointer dereference in adis_init
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-11T22:22:59.595Z

Reserved: 2026-05-01T14:12:56.005Z

Link: CVE-2026-43356

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2026-05-08T15:16:46.367

Modified: 2026-05-15T16:02:39.450

Link: CVE-2026-43356

cve-icon Redhat

Severity :

Publid Date: 2026-05-08T00:00:00Z

Links: CVE-2026-43356 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-15T18:45:05Z

Weaknesses