SB2025122261 - NULL pointer dereference in Linux kernel iio accel driver
Published: December 22, 2025
Security Bulletin ID
SB2025122261
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) NULL pointer dereference (CVE-ID: CVE-2025-68330)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drivers/iio/accel/bmc150-accel.h. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/3aa385a9c75c09b59dcab2ff76423439d23673ab
- https://git.kernel.org/stable/c/65ad4ed983fd9ee0259d86391d6a53f78203918c
- https://git.kernel.org/stable/c/93eaa5ddc5fc4f50ac396afad8ce261102ebd4f3
- https://git.kernel.org/stable/c/aad9d048a3211c48ec02efa405bf462856feb862
- https://git.kernel.org/stable/c/c891f504bb66604c822e7985e093cf39b97fdeb0
- https://git.kernel.org/stable/c/cdd4a9e98004bd7c7488311951fa6dbae38b2b80