CVE-2025-40221

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

04/12/2025

Last modified:

04/12/2025

Description

In the Linux kernel, the following vulnerability has been resolved: media: pci: mg4b: fix uninitialized iio scan data Fix potential leak of uninitialized stack data to userspace by ensuring that the `scan` structure is zeroed before use.

Impact

References to Advisories, Solutions, and Tools

https://git.kernel.org/stable/c/b792eba44494b4e6ab5006013335f9819f303b8b
https://git.kernel.org/stable/c/b7f82da7f86479cb6479a76ebe213ece7c77398f
https://git.kernel.org/stable/c/c0d3f6969bb4d72476cfe7ea9263831f1c283704