CVE-2025-38485

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-38485
In the Linux kernel, the following vulnerability has been resolved: iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush fxls8962af_fifo_flush() uses indio_dev->active_scan_mask (with iio_for_each_active_channel()) without making sure the indio_dev stays in buffer mode. There is a race if indio_dev exits buffer mode in the middle of the interrupt that flushes the fifo. Fix this by calling synchronize_irq() to ensure that no interrupt is currently running when disabling buffer mode. Unable to handle kernel NULL pointer dereference at virtual address 00000000 when read [...] _find_first_bit_le from fxls8962af_fifo_flush+0x17c/0x290 fxls8962af_fifo_flush from fxls8962af_interrupt+0x80/0x178 fxls8962af_interrupt from irq_thread_fn+0x1c/0x7c irq_thread_fn from irq_thread+0x110/0x1f4 irq_thread from kthread+0xe0/0xfc kthread from ret_from_fork+0x14/0x2c

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://git.kernel.org/stable/c/1803d372460aaa9ae0188a30c9421d3f157f2f04 Patch
https://git.kernel.org/stable/c/1fe16dc1a2f5057772e5391ec042ed7442966c9a Patch
https://git.kernel.org/stable/c/6ecd61c201b27ad2760b3975437ad2b97d725b98 Patch
https://git.kernel.org/stable/c/bfcda3e1015791b3a63fb4d3aad408da9cf76e8f Patch
https://git.kernel.org/stable/c/dda42f23a8f5439eaac9521ce0531547d880cc54 Patch
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.16:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.16:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.16:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.16:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.16:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.16:rc6:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
History

07 Jan 2026, 16:25

Type Values Removed Values Added
CPE cpe:2.3:o:linux:linux_kernel:6.16:rc6:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.16:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.16:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.16:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.16:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.16:rc2:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.8
References () https://git.kernel.org/stable/c/1803d372460aaa9ae0188a30c9421d3f157f2f04 - () https://git.kernel.org/stable/c/1803d372460aaa9ae0188a30c9421d3f157f2f04 - Patch
References () https://git.kernel.org/stable/c/1fe16dc1a2f5057772e5391ec042ed7442966c9a - () https://git.kernel.org/stable/c/1fe16dc1a2f5057772e5391ec042ed7442966c9a - Patch
References () https://git.kernel.org/stable/c/6ecd61c201b27ad2760b3975437ad2b97d725b98 - () https://git.kernel.org/stable/c/6ecd61c201b27ad2760b3975437ad2b97d725b98 - Patch
References () https://git.kernel.org/stable/c/bfcda3e1015791b3a63fb4d3aad408da9cf76e8f - () https://git.kernel.org/stable/c/bfcda3e1015791b3a63fb4d3aad408da9cf76e8f - Patch
References () https://git.kernel.org/stable/c/dda42f23a8f5439eaac9521ce0531547d880cc54 - () https://git.kernel.org/stable/c/dda42f23a8f5439eaac9521ce0531547d880cc54 - Patch
References () https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html - () https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html - Third Party Advisory
First Time Linux
Debian
Debian debian Linux
Linux linux Kernel
CWE CWE-416

03 Nov 2025, 18:16

Type Values Removed Values Added
References
  • () https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html -

29 Jul 2025, 14:14

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iio: accel: fxls8962af: Se corrige el use-after-free en fxls8962af_fifo_flush. fxls8962af_fifo_flush() usa indio_dev->active_scan_mask (con iio_for_each_active_channel()) sin asegurarse de que indio_dev permanezca en modo búfer. Se produce una ejecución si indio_dev sale del modo búfer en medio de la interrupción que vacía el fifo. Se corrige esto llamando a synchronize_irq() para garantizar que no haya ninguna interrupción en ejecución al deshabilitar el modo búfer. No se puede manejar la desreferencia del puntero NULL del núcleo en la dirección virtual 00000000 al leer [...] _find_first_bit_le de fxls8962af_fifo_flush+0x17c/0x290 fxls8962af_fifo_flush de fxls8962af_interrupt+0x80/0x178 fxls8962af_interrupt de irq_thread_fn+0x1c/0x7c irq_thread_fn de irq_thread+0x110/0x1f4 irq_thread de kthread+0xe0/0xfc kthread de ret_from_fork+0x14/0x2c

28 Jul 2025, 12:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-07-28 12:15

Updated : 2026-01-07 16:25

NVD link : CVE-2025-38485

Mitre link : CVE-2025-38485

CVE.ORG link : CVE-2025-38485

JSON object : View

Products Affected

debian

  • debian_linux

linux

  • linux_kernel
CWE
CWE-416

Use After Free