CVE-2025-22082

MEDIUM EPSS 6.1%
Published Apr 16, 20251y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Apr 16, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: iio: backend: make sure to NULL terminate stack buffer Make sure to NULL terminate the buffer in iio_backend_debugfs_write_reg() before passing it to sscanf(). It is a stack variable so we should not assume it will 0 initialized.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
6.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 3

VendorProductVersionRange
linuxlinux_kernel*≥6.12  –  <6.12.23
linuxlinux_kernel*≥6.13  –  <6.13.11
linuxlinux_kernel*≥6.14  –  <6.14.2

References 4

  • git.kernel.org https://git.kernel.org/stable/c/035b4989211dc1c8626e186d655ae8ca5141bb73
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/04271a4d2740f98bbe36f82cd3d74677a839d1eb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/df3892e5e861c43d5612728ed259634675b8a71f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fd791c81f410ab1c554686a6f486dc7a176dfe35
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/035b4989211dc1c8626e186d655ae8ca5141bb73
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/04271a4d2740f98bbe36f82cd3d74677a839d1eb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/df3892e5e861c43d5612728ed259634675b8a71f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fd791c81f410ab1c554686a6f486dc7a176dfe35
    Patch