CVE - CVE-2024-57911

CVE-ID
CVE-2024-57911	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer The 'data' array is allocated via kmalloc() and it is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. Use kzalloc for the memory allocation to avoid pushing uninitialized information to userspace.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/006073761888a632c5d6f93e47c41760fa627f77 URL:https://git.kernel.org/stable/c/006073761888a632c5d6f93e47c41760fa627f77 MISC:https://git.kernel.org/stable/c/03fa47621bf8fcbf5994c5716021527853f9af3d URL:https://git.kernel.org/stable/c/03fa47621bf8fcbf5994c5716021527853f9af3d MISC:https://git.kernel.org/stable/c/333be433ee908a53f283beb95585dfc14c8ffb46 URL:https://git.kernel.org/stable/c/333be433ee908a53f283beb95585dfc14c8ffb46 MISC:https://git.kernel.org/stable/c/74058395b2c63c8a438cf199d09094b640f8c7f4 URL:https://git.kernel.org/stable/c/74058395b2c63c8a438cf199d09094b640f8c7f4 MISC:https://git.kernel.org/stable/c/b0642d9c871aea1f28eb02cd84d60434df594f67 URL:https://git.kernel.org/stable/c/b0642d9c871aea1f28eb02cd84d60434df594f67 MISC:https://git.kernel.org/stable/c/e1c1e8c05010103c9c9ea3e9c4304b0b7e2c8e4a URL:https://git.kernel.org/stable/c/e1c1e8c05010103c9c9ea3e9c4304b0b7e2c8e4a MISC:https://git.kernel.org/stable/c/ea703cda36da0dacb9a2fd876370003197d8a019 URL:https://git.kernel.org/stable/c/ea703cda36da0dacb9a2fd876370003197d8a019
Assigning CNA
kernel.org
Date Record Created
20250119	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20250119)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Use of the CVE™ List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2025, The MITRE Corporation. CVE is a trademark and the CVE logo is a registered trademark of The MITRE Corporation.