CVE-2025-37969
Published: May 22, 2025Last modified: May 22, 2025
Description
In the Linux kernel, the following vulnerability has been resolved: iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo Prevent st_lsm6dsx_read_tagged_fifo from falling in an infinite loop in case pattern_len is equal to zero and the device FIFO is not empty.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 5.5 |
| Attack Vector | LOCAL |
| Attack complexity | LOW |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | NONE |
| Integrity impact | NONE |
| Availability impact | HIGH |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | linux-lts | Fixed (6.1.140-r0) |
| 25 LTS | linux-lts | Fixed (6.12.41-r0) | |
| Stream | linux-lts | Fixed (6.12.41-r0) |
References
- https://git.kernel.org/stable/c/16857370b3a30663515956b3bd27f3def6a2cf06
- https://git.kernel.org/stable/c/35b8c0a284983b71d92d082c54b7eb655ed4194f
- https://git.kernel.org/stable/c/4db7d923a8c298788181b796f71adf6ca499f966
- https://git.kernel.org/stable/c/76727a1d81afde77d21ea8feaeb12d34605be6f4
- https://git.kernel.org/stable/c/8114ef86e2058e2554111b793596f17bee23fa15
- https://git.kernel.org/stable/c/9ce662851380fe2018e36e15c0bdcb1ad177ed95
- https://git.kernel.org/stable/c/9ddb4cf2192c213e4dba1733bbcdc94cf6d85bf7
- https://git.kernel.org/stable/c/dadf9116108315f2eb14c7415c7805f392c476b4
- https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html