Linux Kernel VEML6075 Light Sensor Driver Array Bounds Vulnerability

Vulnerability

A vulnerability in the Linux kernel's VEML6075 light sensor driver could lead to out-of-bounds access. The issue arises because the driver calculates an index that can range from 0 to 7, while the corresponding array only contains 5 elements. This discrepancy could allow for reading beyond the array's allocated memory. The vulnerability has been addressed by adding a check to ensure the index stays within the valid bounds, preventing potential overrun issues. This hardening measure is particularly important for mitigating risks associated with potentially faulty hardware.
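The bounds check described above, sketched as an added example that is not the kernel driver's own code. The register layout (a 3-bit field in bits 6:4), all function and macro names, and the table values are assumptions constructed for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define ARRAY_SIZE(a) (sizeof(a) / sizeof((a)[0]))

/* Hypothetical layout: a 3-bit selector in bits 6:4 of a config register. */
#define CONF_SEL_SHIFT 4
#define CONF_SEL_MASK  (0x7u << CONF_SEL_SHIFT)

/* Constructed table: 5 valid entries, but a 3-bit field can encode 0..7. */
static const int sel_table[] = { 50, 100, 200, 400, 800 };

unsigned int conf_to_index(uint16_t conf)
{
	return (conf & CONF_SEL_MASK) >> CONF_SEL_SHIFT;
}

/* Before: trusts the device; indexes 5..7 would read past sel_table. */
int lookup_unchecked(uint16_t conf)
{
	return sel_table[conf_to_index(conf)];
}

/* After: reject any index the table cannot serve and report an error. */
int lookup_checked(uint16_t conf, int *out)
{
	unsigned int idx = conf_to_index(conf);

	if (idx >= ARRAY_SIZE(sel_table))
		return -EINVAL;
	*out = sel_table[idx];
	return 0;
}

int main(void)
{
	/* Walk every value the field can take, as faulty hardware might return. */
	for (unsigned int f = 0; f < 8; f++) {
		int val = 0;
		int ret = lookup_checked((uint16_t)(f << CONF_SEL_SHIFT), &val);

		printf("field=%u ret=%d val=%d\n", f, ret, val);
	}
	return 0;
}
```

Comparing against `ARRAY_SIZE()` rather than a literal 5 keeps the check correct if the table is ever resized.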

Impact

Exploitation of this vulnerability could lead to an out-of-bounds read, a memory overrun that could be exploited in various ways depending on the context.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 4.0
remediation: 0.0
relevance: 0.0
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.