Linux Kernel Information Leak Vulnerability in IIO ADC TI-ADS1119

Vulnerability

A vulnerability in the Linux kernel's IIO ADC TI-ADS1119 driver has been addressed, which involved an information leak from the triggered buffer to user space. The issue arose because the 'scan' local structure, used to transfer data, contained an uninitialized gap between the sample and the timestamp. This gap could inadvertently expose uninitialized data to user space. The vulnerability has been resolved by initializing the structure to zero before use.

Impact

The vulnerability could lead to an unintentional disclosure of uninitialized memory contents to user space, potentially allowing for the leakage of sensitive information.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Information Leak Vulnerability in IIO ADC TI-ADS1119

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating