Linux Kernel AD4851 Channel Pointer Handling Vulnerability in IIO ADC AD4858

Vulnerability

A vulnerability in the Linux kernel's IIO ADC AD4851 driver has been addressed. The issue arose in the AD4858 channel pointer handling, where the pointer returned from the channel parsing function was improperly incremented. This mismanagement caused the channel pointer to exceed the bounds of the allocated array, leading to potential memory corruption or undefined behavior. The vulnerability has been fixed by modifying the channel iteration to use an explicit index, ensuring that the original pointer base is preserved and all channel metadata is accurately set.

Impact

The vulnerability could have led to memory corruption or undefined behavior due to the channel pointer being set beyond the allocated array's end.

Added: Jul 3, 2025, 10:33 AM

Updated: Jul 3, 2025, 10:33 AM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel AD4851 Channel Pointer Handling Vulnerability in IIO ADC AD4858

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating