Bug 2360929 (CVE-2025-40114) - CVE-2025-40114 kernel: iio: light: Add check for array bounds in veml6075_read_int_time_ms
Summary: CVE-2025-40114 kernel: iio: light: Add check for array bounds in veml6075_rea...
Keywords:
Status: NEW
Alias: CVE-2025-40114
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2025-04-18 08:01 UTC by OSIDB Bzimport
Modified: 2025-05-16 14:15 UTC (History)
4 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description OSIDB Bzimport 2025-04-18 08:01:40 UTC 
In the Linux kernel, the following vulnerability has been resolved:

iio: light: Add check for array bounds in veml6075_read_int_time_ms

The array contains only 5 elements, but the index calculated by
veml6075_read_int_time_index can range from 0 to 7,
which could lead to out-of-bounds access. The check prevents this issue.

Coverity Issue
CID 1574309: (#1 of 1): Out-of-bounds read (OVERRUN)
overrun-local: Overrunning array veml6075_it_ms of 5 4-byte
elements at element index 7 (byte offset 31) using
index int_index (which evaluates to 7)

This is hardening against potentially broken hardware. Good to have
but not necessary to backport.
Comment 1 Avinash Hanwate 2025-04-18 13:10:39 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025041822-CVE-2025-40114-000e@gregkh/T
Note You need to log in before you can comment on or make changes to this bug.