CVE-2025-39786
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-11

Last updated on: 2025-11-25

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7173: fix channels index for syscalib_mode Fix the index used to look up the channel when accessing the syscalib_mode attribute. The address field is a 0-based index (same as scan_index) that it used to access the channel in the ad7173_channels array throughout the driver. The channels field, on the other hand, may not match the address field depending on the channel configuration specified in the device tree and could result in an out-of-bounds access.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-11
Last Modified
2025-11-25
Generated
2026-06-16
AI Q&A
2025-09-11
EPSS Evaluated
2026-06-14
NVD
CVE-2025-39786
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel From 5.15.160 (inc) to 5.16 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-125 The product reads data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is in the Linux kernel's ad7173 ADC driver. It involves an incorrect index used to access channels when handling the syscalib_mode attribute. Specifically, the driver used the 'channels' field instead of the correct 0-based 'address' index to access the ad7173_channels array. Because the 'channels' field may not correspond to the 'address' field depending on device tree configuration, this could lead to out-of-bounds array access.

Impact Analysis

The incorrect channel index access can cause out-of-bounds memory access in the kernel driver. This could potentially lead to system instability, crashes, or unexpected behavior in the affected device's ADC functionality. However, specific impacts such as privilege escalation or data corruption are not detailed.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-39786. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart