Out-of-Bound Write Vulnerability in Linux Kernel Affecting IIO DAC Products
CVE-2026-23092

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 4 February 2026

What is CVE-2026-23092?

A vulnerability in the Linux kernel's IIO DAC AD3552R-HS component allows for an out-of-bounds write due to improper handling of buffer sizes. When the simple_write_to_buffer function returns a value that exceeds the stack buffer size, a subsequent write operation can lead to memory corruption. This occurs because the code mistakenly uses the count variable for null termination instead of the actual bytes copied. If the data written exceeds 64 bytes, it overwrites adjacent memory, potentially leading to instability and security risks. A static analysis revealed this bug, and it can be reproduced by attempting to write excessive data to the device node, triggering KASAN to report the out-of-bounds error.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch