CVE-2024-57905

The 'scan' local struct is used to push data to user space from a triggered buffer, but it has a hole between the sample (unsigned int) and the timestamp. This hole is never initialized.

Initialize the struct to zero before using it to avoid pushing uninitialized information to userspace.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

a9306887eba41c5fe7232727a8147da3d3c4f83c

Fixed

2f1687cca911a2f294313c762e0646cd9e7be8cc

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

a9306887eba41c5fe7232727a8147da3d3c4f83c

Fixed

75f339d3ecd38cb1ce05357d647189d4a7f7ed08

Affected versions

v6.*

v6.10

v6.10-rc5

v6.10-rc6

v6.10-rc7

v6.11

v6.11-rc1

v6.11-rc2

v6.11-rc3

v6.11-rc4

v6.11-rc5

v6.11-rc6

v6.11-rc7

v6.12

v6.12-rc1

v6.12-rc2

v6.12-rc3

v6.12-rc4

v6.12-rc5

v6.12-rc6

v6.12-rc7

v6.12.1

v6.12.2

v6.12.3

v6.12.4

v6.12.5

v6.12.6

v6.12.7

v6.12.8

v6.12.9

v6.13-rc1

Database specific

vanir_signatures

[
    {
        "signature_type": "Function",
        "deprecated": false,
        "id": "CVE-2024-57905-0ee74b66",
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@75f339d3ecd38cb1ce05357d647189d4a7f7ed08",
        "digest": {
            "length": 799.0,
            "function_hash": "175183704347180307001317377997658078775"
        },
        "target": {
            "file": "drivers/iio/adc/ti-ads1119.c",
            "function": "ads1119_trigger_handler"
        }
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "id": "CVE-2024-57905-4b37c845",
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2f1687cca911a2f294313c762e0646cd9e7be8cc",
        "digest": {
            "length": 799.0,
            "function_hash": "175183704347180307001317377997658078775"
        },
        "target": {
            "file": "drivers/iio/adc/ti-ads1119.c",
            "function": "ads1119_trigger_handler"
        }
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "id": "CVE-2024-57905-70d45b2b",
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2f1687cca911a2f294313c762e0646cd9e7be8cc",
        "digest": {
            "line_hashes": [
                "246309449045190200707852952908563391542",
                "327054163502753959408905941531420982709",
                "132886100468786575592785668182532215374"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "drivers/iio/adc/ti-ads1119.c"
        }
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "id": "CVE-2024-57905-db830e34",
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@75f339d3ecd38cb1ce05357d647189d4a7f7ed08",
        "digest": {
            "line_hashes": [
                "246309449045190200707852952908563391542",
                "327054163502753959408905941531420982709",
                "132886100468786575592785668182532215374"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "drivers/iio/adc/ti-ads1119.c"
        }
    }
]

CVE-2024-57905

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Affected versions

v6.*

Database specific

vanir_signatures

Linux / Kernel

Package

Affected ranges