CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
CVE-2025-37969: iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo
Description
In the Linux kernel, the following vulnerability has been resolved:
iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo
Prevent st_lsm6dsx_read_tagged_fifo from falling in an infinite loop in
case pattern_len is equal to zero and the device FIFO is not empty.
Classification
CVE ID: CVE-2025-37969
Affected Products
Vendor: Linux
Product: Linux
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.06% (probability of being exploited)
EPSS Percentile: 17.55% (scored less or equal to compared to others)
EPSS Date: 2025-06-18 (when was this score calculated)
References
https://nvd.nist.gov/vuln/detail/CVE-2025-37969https://git.kernel.org/stable/c/35b8c0a284983b71d92d082c54b7eb655ed4194f
https://git.kernel.org/stable/c/16857370b3a30663515956b3bd27f3def6a2cf06
https://git.kernel.org/stable/c/9ce662851380fe2018e36e15c0bdcb1ad177ed95
https://git.kernel.org/stable/c/dadf9116108315f2eb14c7415c7805f392c476b4
https://git.kernel.org/stable/c/9ddb4cf2192c213e4dba1733bbcdc94cf6d85bf7
https://git.kernel.org/stable/c/8114ef86e2058e2554111b793596f17bee23fa15