๐Ÿ” CVE Alert

CVE-2025-40114

HIGH 7.8

iio: light: Add check for array bounds in veml6075_read_int_time_ms

CVSS Score: 7.8
EPSS Score: 0.0%
EPSS Percentile: 0th

In the Linux kernel, the following vulnerability has been resolved:

iio: light: Add check for array bounds in veml6075_read_int_time_ms

The array contains only 5 elements, but the index calculated by veml6075_read_int_time_index can range from 0 to 7, which could lead to out-of-bounds access. The check prevents this issue.

Coverity Issue CID 1574309: (#1 of 1): Out-of-bounds read (OVERRUN)
overrun-local: Overrunning array veml6075_it_ms of 5 4-byte elements at element index 7 (byte offset 31) using index int_index (which evaluates to 7)

This is hardening against potentially broken hardware. Good to have but not necessary to backport.
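The pattern described above, as an added example that is not the kernel driver's code: a 3-bit register field can encode 0 to 7, while the lookup table has 5 entries, so the lookup must reject the top three encodings. The field position, the millisecond values and all function names here are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define ARRAY_SIZE(a) (sizeof(a) / sizeof((a)[0]))

/* Assumed layout: a 3-bit integration-time field at bits 6:4. */
#define CONF_IT_SHIFT 4
#define CONF_IT_MASK  (0x7u << CONF_IT_SHIFT)

/* Five entries, as on the page; the values themselves are constructed. */
static const int it_ms[] = { 50, 100, 200, 400, 800 };

/* Model of the index helper: whatever the device reports, 0..7. */
static int read_int_time_index(uint16_t conf)
{
    return (int)((conf & CONF_IT_MASK) >> CONF_IT_SHIFT);
}

/*
 * Hardened lookup. Without the bounds check, a device reporting
 * 5, 6 or 7 would make it_ms[idx] read past the end of the table.
 */
static int read_int_time_ms(uint16_t conf)
{
    int idx = read_int_time_index(conf);

    if ((size_t)idx >= ARRAY_SIZE(it_ms))
        return -EINVAL;
    return it_ms[idx];
}

/* Walk every encoding of the field and count those the check rejects. */
static int count_rejected_encodings(void)
{
    int rejected = 0;

    for (unsigned field = 0; field < 8; field++) {
        int ms = read_int_time_ms((uint16_t)(field << CONF_IT_SHIFT));

        printf("field=%u -> %d\n", field, ms);
        if (ms == -EINVAL)
            rejected++;
    }
    return rejected;
}

int main(void)
{
    return count_rejected_encodings() == 3 ? 0 : 1;
}
```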

Vendor linux
Product linux
Ecosystems
Industries
Technology
Published Apr 18, 2025
Last Updated May 11, 2026

Affected Versions

Linux / Linux
3b82f43238aecd73464aeacc9c73407079511533 < 7a40b52d4442178bee0cf1c36bc450ab951cef0f
3b82f43238aecd73464aeacc9c73407079511533 < 18a08b5632809faa671279b3cd27d5f96cc5a3f0
3b82f43238aecd73464aeacc9c73407079511533 < 9c40a68b7f97fa487e6c7e67fcf4f846a1f96692
3b82f43238aecd73464aeacc9c73407079511533 < ee735aa33db16c1fb5ebccbaf84ad38f5583f3cc
Linux / Linux
6.8

References

git.kernel.org: https://git.kernel.org/stable/c/7a40b52d4442178bee0cf1c36bc450ab951cef0f
git.kernel.org: https://git.kernel.org/stable/c/18a08b5632809faa671279b3cd27d5f96cc5a3f0
git.kernel.org: https://git.kernel.org/stable/c/9c40a68b7f97fa487e6c7e67fcf4f846a1f96692
git.kernel.org: https://git.kernel.org/stable/c/ee735aa33db16c1fb5ebccbaf84ad38f5583f3cc