CVE-2026-46282 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: iio: frequency: admv1013: fix NULL pointer dereference on str When device_property_read_string() fails, str is left uninitialized but the code falls through to strcmp(str, ...), dereferencing a garbage pointer. Replace manual read/strcmp with device_property_match_property_string() and consolidate the SE mode enums into a single sequential enum, mapping to hardware register values via a switch consistent with other bitfields in the driver. Several cleanup patches have been applied to this driver recently so this will need a manual backport.

PUBLISHED Reserved 2026-05-13 | Published 2026-06-08 | Updated 2026-06-08 | Assigner Linux

Product status

Default status

unaffected

da35a7b526d9b258a2cb8b7816f736a41b32176b (git) before 3a9d8ec2051c2d80158ed7bded5e158c42870037

affected

da35a7b526d9b258a2cb8b7816f736a41b32176b (git) before 5e9f1bad26df3d3afb3cbbfa408b6d6e809708ac

affected

da35a7b526d9b258a2cb8b7816f736a41b32176b (git) before 2dc8d26690bf4e7226409563221c37bc095c94ff

affected

da35a7b526d9b258a2cb8b7816f736a41b32176b (git) before aac0a51b16700b403a55b67ba495de021db78763

affected

Default status

affected

5.17

affected

Any version before 5.17

unaffected

6.12.86 (semver)

unaffected

6.18.27 (semver)

unaffected

7.0.4 (semver)

unaffected

7.1-rc1 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/3a9d8ec2051c2d80158ed7bded5e158c42870037

git.kernel.org/...c/5e9f1bad26df3d3afb3cbbfa408b6d6e809708ac

git.kernel.org/...c/2dc8d26690bf4e7226409563221c37bc095c94ff

git.kernel.org/...c/aac0a51b16700b403a55b67ba495de021db78763

cve.org (CVE-2026-46282)

nvd.nist.gov (CVE-2026-46282)

Download JSON

help @ threatint.eu