VYPR
High severity7.1NVD Advisory· Published Jan 19, 2025· Updated Jun 17, 2026

CVE-2024-57909

CVE-2024-57909

Description

In the Linux kernel, the following vulnerability has been resolved:

iio: light: bh1745: fix information leak in triggered buffer

The 'scan' local struct is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values.

Initialize the struct to zero before using it to avoid pushing uninitialized information to userspace.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.