{"id":"CVE-2024-57911","summary":"iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer","details":"In the Linux kernel, the following vulnerability has been resolved:\n\niio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer\n\nThe 'data' array is allocated via kmalloc() and it is used to push data\nto user space from a triggered buffer, but it does not set values for\ninactive channels, as it only uses iio_for_each_active_channel()\nto assign new values.\n\nUse kzalloc for the memory allocation to avoid pushing uninitialized\ninformation to userspace.","modified":"2026-04-16T04:33:39.795236365Z","published":"2025-01-19T11:52:33.806Z","related":["SUSE-SU-2025:0289-1","SUSE-SU-2025:0428-1","SUSE-SU-2025:0499-1","SUSE-SU-2025:0557-1","SUSE-SU-2025:20165-1","SUSE-SU-2025:20166-1","SUSE-SU-2025:20248-1","SUSE-SU-2025:20249-1","USN-7379-2","USN-7380-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/57xxx/CVE-2024-57911.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/006073761888a632c5d6f93e47c41760fa627f77"},{"type":"WEB","url":"https://git.kernel.org/stable/c/03fa47621bf8fcbf5994c5716021527853f9af3d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/333be433ee908a53f283beb95585dfc14c8ffb46"},{"type":"WEB","url":"https://git.kernel.org/stable/c/74058395b2c63c8a438cf199d09094b640f8c7f4"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b0642d9c871aea1f28eb02cd84d60434df594f67"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e1c1e8c05010103c9c9ea3e9c4304b0b7e2c8e4a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ea703cda36da0dacb9a2fd876370003197d8a019"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/57xxx/CVE-2024-57911.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-57911"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"415f792447572ef1949a3cef5119bbce8cc66373"},{"fixed":"03fa47621bf8fcbf5994c5716021527853f9af3d"},{"fixed":"e1c1e8c05010103c9c9ea3e9c4304b0b7e2c8e4a"},{"fixed":"006073761888a632c5d6f93e47c41760fa627f77"},{"fixed":"b0642d9c871aea1f28eb02cd84d60434df594f67"},{"fixed":"74058395b2c63c8a438cf199d09094b640f8c7f4"},{"fixed":"ea703cda36da0dacb9a2fd876370003197d8a019"},{"fixed":"333be433ee908a53f283beb95585dfc14c8ffb46"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-57911.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}]}