Cyber Posture

CVE-2024-57911

Severity: High
Published: 19 January 2025
Modified: 03 November 2025
KEV Added: none listed
Patch: none listed
CVSS Score: 7.1 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H)
EPSS Score: 0.0002 (3.4th percentile)
Risk Priority: 14 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Description

In the Linux kernel, the following vulnerability has been resolved:

iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer

The 'data' array is allocated via kmalloc() and it is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. Use kzalloc for the memory allocation to avoid pushing uninitialized information to userspace.

Security Summary

CVE-2024-57911 is an information disclosure vulnerability in the Linux kernel's Industrial I/O (IIO) subsystem, specifically affecting the dummy driver's iio_simply_dummy_buffer component. The flaw occurs because the 'data' array is allocated using kmalloc() to push data from a triggered buffer to userspace, but it only assigns values to active channels via iio_for_each_active_channel(), leaving inactive channels uninitialized. This can result in uninitialized kernel memory being exposed to userspace. The vulnerability carries a CVSS v3.1 base score of 7.1 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H) and is classified under CWE-908 (Use of Uninitialized Resource).

A local attacker with low privileges (PR:L) can trigger this vulnerability by reading from the affected IIO dummy triggered buffer. Exploitation requires local access, is of low attack complexity, and needs no user interaction. Per the CVSS vector, a successful attack has high confidentiality impact (leakage of uninitialized kernel memory) and high availability impact, within an unchanged security scope.

Mitigation involves applying upstream kernel patches that replace kmalloc() with kzalloc() for the 'data' array allocation, ensuring zero-initialization of inactive channels. Relevant stable branch commits include: https://git.kernel.org/stable/c/006073761888a632c5d6f93e47c41760fa627f77, https://git.kernel.org/stable/c/03fa47621bf8fcbf5994c5716021527853f9af3d, https://git.kernel.org/stable/c/333be433ee908a53f283beb95585dfc14c8ffb46, https://git.kernel.org/stable/c/74058395b2c63c8a438cf199d09094b640f8c7f4, and https://git.kernel.org/stable/c/b0642d9c871aea1f28eb02cd84d60434df594f67.
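The allocation pattern described above, reproduced in userspace as an added illustration (this is not the kernel's own code): malloc() with a sentinel fill stands in for kmalloc() returning a recycled heap chunk, calloc() stands in for kzalloc(), and build_scan() writes only the channels set in the active mask, as iio_for_each_active_channel() does. NCHAN, the sample values and the 0xAA fill are constructed for the demonstration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define NCHAN 4  /* constructed: a dummy device with four 16-bit channels */

/* kmalloc() stand-in: the 0xAA fill simulates stale contents left by a
   previous owner of the chunk, so the leak is visible deterministically. */
static void *alloc_like_kmalloc(size_t n) {
    void *p = malloc(n);
    if (p) memset(p, 0xAA, n);
    return p;
}

/* kzalloc() stand-in: zero-initialised allocation. */
static void *alloc_like_kzalloc(size_t n) { return calloc(1, n); }

/* Builds one scan for the buffer: only channels set in active_mask receive a
   sample. Returns the array that would be pushed to userspace (caller frees). */
static uint16_t *build_scan(unsigned active_mask, bool zero_init) {
    uint16_t *data = zero_init ? alloc_like_kzalloc(NCHAN * sizeof *data)
                               : alloc_like_kmalloc(NCHAN * sizeof *data);
    if (!data) return NULL;
    for (int ch = 0; ch < NCHAN; ch++)
        if (active_mask & (1u << ch))
            data[ch] = (uint16_t)(0x1000 + ch);  /* constructed sample value */
    return data;
}

/* Counts inactive channel slots holding non-zero bytes: each one is a word of
   allocator memory that would reach userspace without ever being written. */
static int count_leaked_slots(const uint16_t *data, unsigned active_mask) {
    int leaked = 0;
    for (int ch = 0; ch < NCHAN; ch++)
        if (!(active_mask & (1u << ch)) && data[ch] != 0)
            leaked++;
    return leaked;
}

int main(void) {
    unsigned mask = 0x5u;  /* channels 0 and 2 active, 1 and 3 inactive */
    uint16_t *bad = build_scan(mask, false), *good = build_scan(mask, true);
    printf("kmalloc-style: %d leaked slots\n", count_leaked_slots(bad, mask));
    printf("kzalloc-style: %d leaked slots\n", count_leaked_slots(good, mask));
    free(bad);
    free(good);
    return 0;
}
```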

Details

CWE(s): CWE-908 (Use of Uninitialized Resource)

Affected Products

Vendor: linux
Product: linux kernel
Affected versions: 6.13 · 4.5 – 5.4.290 · 5.5 – 5.10.234 · 5.11 – 5.15.177

References