VDB

DEBIAN-CVE-2024-57912

DEBIAN-CVE-2024-57912 PUBLISHED CVSS 7.099999904632568 HIGH

In the Linux kernel, the following vulnerability has been resolved: iio: pressure: zpa2326: fix information leak in triggered buffer The 'sample' local struct is used to push data to user space from a triggered buffer, but it has a hole between the temperature and the timestamp (u32 pressure, u16 temperature, GAP, u64 timestamp). This hole is never initialized. Initialize the struct to zero before using it to avoid pushing uninitialized information to userspace.

Risk Scores

CVSS 3.1
7.099999904632568
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Affected Products

VendorProductVersions
Debian:13linux0, 0
Debian:14linux0, 0
Debian:11linux5.10.158-1, 5.10.140-1, 5.10.148-1
Debian:11linux-6.10, 6.1.106-3~deb11u1, 6.1.106-3~deb11u3
Debian:12linux6.1.64-1, 6.1.66-1, 6.1.67-1

Exploit Intelligence

Timeline

  • Jan 19, 2025 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›