7.8
CVE-2025-40114: Linux Kernel Vulnerability: Out-of-bounds access in veml6075_read_int_time_ms
CVE-2025-40114
Summary
A bug in the Linux kernel's veml6075 light sensor driver (an out-of-bounds array read in veml6075_read_int_time_ms) could allow unauthorized access to sensitive information. This has been fixed in a recent update. If you're using an affected version of the kernel, update to the latest version to prevent potential data breaches.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions |
|---|---|---|
| linux | linux_kernel | >= 6.8, < 6.12.23; >= 6.13, < 6.13.11; >= 6.14, < 6.14.2 (cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*) |
Original title
In the Linux kernel, the following vulnerability has been resolved:
iio: light: Add check for array bounds in veml6075_read_int_time_ms
The array contains only 5 elements, but the index calculate...
Original description
In the Linux kernel, the following vulnerability has been resolved:
iio: light: Add check for array bounds in veml6075_read_int_time_ms
The array contains only 5 elements, but the index calculated by
veml6075_read_int_time_index can range from 0 to 7,
which could lead to out-of-bounds access. The check prevents this issue.
Coverity Issue
CID 1574309: (#1 of 1): Out-of-bounds read (OVERRUN)
overrun-local: Overrunning array veml6075_it_ms of 5 4-byte
elements at element index 7 (byte offset 31) using
index int_index (which evaluates to 7)
This is hardening against potentially broken hardware. Good to have
but not necessary to backport.
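The bounds check described above, as an added userspace C model; it is not the kernel driver's code. The table values and the position of the 3-bit field are assumptions made for illustration, and the function names only mirror the roles of the ones named in the description.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define ARRAY_SIZE(a) (sizeof(a) / sizeof((a)[0]))

/* Assumed for this model: five integration times in ms. */
static const int it_ms[] = { 50, 100, 200, 400, 800 };

/* Assumed register layout: a 3-bit field at bits 6:4, so values 0..7. */
#define CONF_IT_SHIFT 4
#define CONF_IT_MASK  0x7u

/* Plays the role of veml6075_read_int_time_index: returns 0..7. */
static int read_int_time_index(uint16_t conf)
{
	return (int)((conf >> CONF_IT_SHIFT) & CONF_IT_MASK);
}

/* Lookup with the bounds check: indexes 5..7 are rejected, not read. */
static int read_int_time_ms(uint16_t conf, int *val)
{
	int idx = read_int_time_index(conf);

	if (idx < 0 || (size_t)idx >= ARRAY_SIZE(it_ms))
		return -EINVAL;
	*val = it_ms[idx];
	return 0;
}

/* Walk every value the 3-bit field can hold; count the rejected ones. */
static int count_rejected(void)
{
	int rejected = 0, val = 0;

	for (unsigned int f = 0; f <= CONF_IT_MASK; f++)
		if (read_int_time_ms((uint16_t)(f << CONF_IT_SHIFT), &val) == -EINVAL)
			rejected++;
	return rejected;
}

int main(void)
{
	printf("rejected %d of 8 possible field values\n", count_rejected());
	return 0;
}
```

Without the check, the three field values that the table does not cover would index past the end of the 5-element array, which is the overrun Coverity reports for index 7.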
nvd CVSS3.1
7.8
Vulnerability type
CWE-129
- https://git.kernel.org/stable/c/18a08b5632809faa671279b3cd27d5f96cc5a3f0 Patch
- https://git.kernel.org/stable/c/7a40b52d4442178bee0cf1c36bc450ab951cef0f Patch
- https://git.kernel.org/stable/c/9c40a68b7f97fa487e6c7e67fcf4f846a1f96692 Patch
- https://git.kernel.org/stable/c/ee735aa33db16c1fb5ebccbaf84ad38f5583f3cc Patch
Published: 18 Apr 2025 · Updated: 15 Jun 2026 · First seen: 7 Mar 2026