Acknowledged
Created: Sep 7, 2025
Updated: Sep 8, 2025
Found In Version: 10.24.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 24
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:EOL][EOL]iio: imu: bno055: fix OOB access of hw_xlate array[EOL][EOL]Fix a potential out-of-bounds array access of the hw_xlate array in[EOL]bno055.c.[EOL][EOL]In bno055_get_regmask(), hw_xlate was iterated over the length of the[EOL]vals array instead of the length of the hw_xlate array. In the case of[EOL]bno055_gyr_scale, the vals array is larger than the hw_xlate array,[EOL]so this could result in an out-of-bounds access. In practice, this[EOL]shouldn't happen though because a match should always be found which[EOL]breaks out of the for loop before it iterates beyond the end of the[EOL]hw_xlate array.[EOL][EOL]By adding a new hw_xlate_len field to the bno055_sysfs_attr, we can be[EOL]sure we are iterating over the correct length.
CREATE(Triage):(User=admin) [CVE-2025-39719 (https://nvd.nist.gov/vuln/detail/CVE-2025-39719)
