Linux Kernel ADXL380 Driver FIFO Entry Reading Vulnerability

A vulnerability exists in the Linux kernel's ADXL380 accelerometer driver, specifically in how the interrupt handler processes FIFO (First In, First Out) entries. The driver reads FIFO data in batches based on the number of enabled scan elements. However, the ADXL380 sensor populates the FIFO one sample at a time, leading to a mismatch. This can cause the driver to read more entries than are actually available, potentially resulting in incorrect data handling. The issue affects the Linux kernel stable tree.

Impact

The vulnerability can lead to reading more FIFO entries than are actually present, causing potential data integrity issues in applications relying on the ADXL380 sensor.

Reproduction

The vulnerability can be reproduced by enabling multiple channels on the ADXL380 accelerometer while the Linux kernel is running a version with the vulnerable driver. The interrupt handler will then read FIFO entries in batches, potentially exceeding the actual number of available samples.

Remediation

The vulnerability has been addressed in the Linux kernel. Users can upgrade to the latest version to apply the fix.