Description
In the Linux kernel, the following vulnerability has been resolved:

iio: frequency: admv1013: fix NULL pointer dereference on str

When device_property_read_string() fails, str is left uninitialized
but the code falls through to strcmp(str, ...), dereferencing a garbage
pointer. Replace manual read/strcmp with
device_property_match_property_string() and consolidate the SE mode
enums into a single sequential enum, mapping to hardware register
values via a switch consistent with other bitfields in the driver.

Several cleanup patches have been applied to this driver recently so
this will need a manual backport.
Published: 2026-06-08
Score: n/a
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The kernel driver for the admv1013 IIO device performs a string comparison on a pointer that may not be initialized. When device_property_read_string() fails, the pointer remains unset and the code falls through to a strcmp call, dereferencing a null or garbage pointer and causing a kernel fault that brings the system down.

Affected Systems

All Linux kernels with the admv1013 driver could be vulnerable. No specific version range is provided; any kernel that has not incorporated the recent patches may still contain the flaw.

Risk and Exploitability

The fault results in a kernel crash, leading to denial of service. The CVE does not provide explicit information on exploitation difficulty or likelihood. EPSS is not available and the issue is not listed in CISA KEV. Based on the description, the fault is triggered during a device property read, so a local user with access to the admv1013 IIO device could potentially trigger the crash. No public exploitation has been reported.

Generated by OpenCVE AI on June 9, 2026 at 03:28 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the backported patch that replaces the unsafe string handling with device_property_match_property_string() and corrects enum handling.
  • Upgrade the Linux kernel to a version that includes the fixed admv1013 driver.
  • If the admv1013 device is not required, disable or unload the driver to eliminate the vulnerable code path.

Generated by OpenCVE AI on June 9, 2026 at 03:28 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 09 Jun 2026 02:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476

Tue, 09 Jun 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-824
References

Mon, 08 Jun 2026 19:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476

Mon, 08 Jun 2026 17:00:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: iio: frequency: admv1013: fix NULL pointer dereference on str When device_property_read_string() fails, str is left uninitialized but the code falls through to strcmp(str, ...), dereferencing a garbage pointer. Replace manual read/strcmp with device_property_match_property_string() and consolidate the SE mode enums into a single sequential enum, mapping to hardware register values via a switch consistent with other bitfields in the driver. Several cleanup patches have been applied to this driver recently so this will need a manual backport.
Title iio: frequency: admv1013: fix NULL pointer dereference on str
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-14T18:06:09.453Z

Reserved: 2026-05-13T15:03:33.110Z

Link: CVE-2026-46282

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-06-08T17:16:45.940

Modified: 2026-06-08T17:16:45.940

Link: CVE-2026-46282

cve-icon Redhat

Severity :

Publid Date: 2026-06-08T00:00:00Z

Links: CVE-2026-46282 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-09T03:30:16Z

Weaknesses
  • CWE-824

    Access of Uninitialized Pointer