CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
CVE-2025-37970: iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo
Description
In the Linux kernel, the following vulnerability has been resolved:
iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo
Prevent st_lsm6dsx_read_fifo from falling in an infinite loop in case
pattern_len is equal to zero and the device FIFO is not empty.
Classification
CVE ID: CVE-2025-37970
Affected Products
Vendor: Linux
Product: Linux
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.06% (probability of being exploited)
EPSS Percentile: 17.55% (scored less or equal to compared to others)
EPSS Date: 2025-06-18 (when was this score calculated)
References
https://nvd.nist.gov/vuln/detail/CVE-2025-37970https://git.kernel.org/stable/c/f3cf233c946531a92fe651ff2bd15ebbe60630a7
https://git.kernel.org/stable/c/6c4a5000618a8c44200d455c92e2f2a4db264717
https://git.kernel.org/stable/c/da33c4167b9cc1266a97215114cb74679f881d0c
https://git.kernel.org/stable/c/a1cad8a3bca41dead9980615d35efc7bff1fd534
https://git.kernel.org/stable/c/3bb6c02d6fe8347ce1785016d135ff539c20043c
https://git.kernel.org/stable/c/159ca7f18129834b6f4c7eae67de48e96c752fc9