Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-68330— iio: accel: bmc150: Fix irq assumption regression

EPSS 0.05% · P15
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-68330

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
iio: accel: bmc150: Fix irq assumption regression
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: iio: accel: bmc150: Fix irq assumption regression The code in bmc150-accel-core.c unconditionally calls bmc150_accel_set_interrupt() in the iio_buffer_setup_ops, such as on the runtime PM resume path giving a kernel splat like this if the device has no interrupts: Unable to handle kernel NULL pointer dereference at virtual address 00000001 when read PC is at bmc150_accel_set_interrupt+0x98/0x194 LR is at __pm_runtime_resume+0x5c/0x64 (...) Call trace: bmc150_accel_set_interrupt from bmc150_accel_buffer_postenable+0x40/0x108 bmc150_accel_buffer_postenable from __iio_update_buffers+0xbe0/0xcbc __iio_update_buffers from enable_store+0x84/0xc8 enable_store from kernfs_fop_write_iter+0x154/0x1b4 This bug seems to have been in the driver since the beginning, but it only manifests recently, I do not know why. Store the IRQ number in the state struct, as this is a common pattern in other drivers, then use this to determine if we have IRQ support or not.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于bmc150加速度计中断假设错误,可能导致内核空指针取消引用。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux c16bff4844ffa678ba0c9d077e9797506924ccdd ~ aad9d048a3211c48ec02efa405bf462856feb862 -
LinuxLinux 4.2 -

II. Public POCs for CVE-2025-68330

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2025-68330

登录查看更多情报信息。

Same Patch Batch · Linux · 2025-12-22 · 12 CVEs total

CVE-2025-68337jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted
CVE-2025-68336locking/spinlock/debug: Fix data-race in do_raw_write_lock
CVE-2025-68335comedi: pcl818: fix null-ptr-deref in pcl818_ai_cancel()
CVE-2025-68334platform/x86/amd/pmc: Add support for Van Gogh SoC
CVE-2025-68333sched_ext: Fix possible deadlock in the deferred_irq_workfn()
CVE-2025-68332comedi: c6xdigio: Fix invalid PNP driver unregistration
CVE-2025-68331usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transf
CVE-2025-68329tracing: Fix WARN_ON in tracing_buffers_mmap_close for split VMAs
CVE-2025-68328firmware: stratix10-svc: fix bug in saving controller data
CVE-2025-68327usb: renesas_usbhs: Fix synchronous external abort on unbind
CVE-2025-68326drm/xe/guc: Fix stack_depot usage

IV. Related Vulnerabilities

Same product: Linux
Same vendor: Linux

V. Comments for CVE-2025-68330

No comments yet

Leave a comment