CVE-2025-71198Linux vulnerability

7 documents6 sources
Severity
N/A
No vector
EPSS
0.0%
top 92.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedFeb 4

Description

In the Linux kernel, the following vulnerability has been resolved: iio: imu: st_lsm6dsx: fix iio_chan_spec for sensors without event detection The st_lsm6dsx_acc_channels array of struct iio_chan_spec has a non-NULL event_spec field, indicating support for IIO events. However, event detection is not supported for all sensors, and if userspace tries to configure accelerometer wakeup events on a sensor device that does not support them (e.g. LSM6DS0), st_lsm6dsx_write_event() dereferences a NUL

Affected Packages4 packages

Linuxlinux/linux_kernel5.5.06.6.122+2
Debianlinux/linux_kernel< 6.12.69-1+1
CVEListV5linux/linuxb5969abfa8b8ed43ebd93479d394f664bd4a5a877673167fac9323110973a3300637adba7d45de3a+4
debiandebian/linux< linux 6.18.8-1 (forky)

🔴Vulnerability Details

3
OSV
iio: imu: st_lsm6dsx: fix iio_chan_spec for sensors without event detection2026-02-04
GHSA
GHSA-ph76-p2v9-4hmx: In the Linux kernel, the following vulnerability has been resolved: iio: imu: st_lsm6dsx: fix iio_chan_spec for sensors without event detection The2026-02-04
OSV
CVE-2025-71198: In the Linux kernel, the following vulnerability has been resolved: iio: imu: st_lsm6dsx: fix iio_chan_spec for sensors without event detection The st2026-02-04

📋Vendor Advisories

2
Red Hat
kernel: iio: imu: st_lsm6dsx: fix iio_chan_spec for sensors without event detection2026-02-04
Debian
CVE-2025-71198: linux - In the Linux kernel, the following vulnerability has been resolved: iio: imu: s...2025

🕵️Threat Intelligence

1
Wiz
CVE-2025-71198 Impact, Exploitability, and Mitigation Steps | Wiz