Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: iio: light: as73211: Ensure buffer holes are zeroed Given that the buffer is copied to a kfifo that ultimately user space can read, ensure we zero it.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 5.10, < 5.10.241 |
| Debian | Debian Linux | 11.0 |
References
- https://git.kernel.org/stable/c/433b99e922943efdfd62b9a8e3ad1604838181f2Patch
- https://git.kernel.org/stable/c/83f14c4ca1ad78fcfb3e0de07d6d8a0c59550fc2Patch
- https://git.kernel.org/stable/c/8acd9a0eaa8c9a28e385c0a6a56bb821cb549771Patch
- https://git.kernel.org/stable/c/99b508340d0d1b9de0856c48c77898b14c0df7cfPatch
- https://git.kernel.org/stable/c/cce55ca4e7a221d5eb2c0b757a868eacd6344e4aPatch
- https://git.kernel.org/stable/c/d8c5d87a431596e0e02bd7fe3bff952b002a03bbPatch
- https://git.kernel.org/stable/c/fd441fd972067f80861a0b66605c0febb0d038ddPatch
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.htmlMailing ListThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.htmlMailing ListThird Party Advisory
- https://cert-portal.siemens.com/productcert/html/ssa-032379.html
FAQ
What is CVE-2025-39687?
CVE-2025-39687 is a vulnerability with a CVSS score of 7.1 (HIGH). In the Linux kernel, the following vulnerability has been resolved: iio: light: as73211: Ensure buffer holes are zeroed Given that the buffer is copied to a kfifo that ultimately user space can read...
How severe is CVE-2025-39687?
CVE-2025-39687 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-39687?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Debian Debian Linux.