Out-of-Bounds Access in Linux Kernel BNO055 Sensor Driver
CVE-2025-39719
What is CVE-2025-39719?
A vulnerability exists in the BNO055 sensor driver of the Linux kernel due to incorrect iteration over the hw_xlate array. In the function bno055_get_regmask(), the hw_xlate array is iterated using the size of the vals array, which is potentially larger than hw_xlate. This misalignment could lead to an out-of-bounds access, although it was designed to avoid this through control flow. To address this, a new hw_xlate_len field has been introduced, ensuring that the iteration only occurs within the bounds of the hw_xlate array, thus enhancing the security and stability of the driver.
Affected Version(s)
Linux 4aefe1c2bd0cb0223130671d459cd16efa3d3462
Linux 4aefe1c2bd0cb0223130671d459cd16efa3d3462 < 50e823a23816b792daf6e8405f8d6045952bb90e
Linux 4aefe1c2bd0cb0223130671d459cd16efa3d3462 < 4808ca3aa30ae857454d0b41d2d0bf161a312b45