You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2025 38485
About this tag
CVE-2025-38485 is a Linux kernel vulnerability involving a race-condition use-after-free in the Industrial I/O (IIO) accelerometer driver for the FXLS8962AF sensor. The flaw can cause a NULL-dereference and potential kernel crash when an interrupt handler accesses device state after the device has left buffer mode. Microsoft's Security Response Center (MSRC) has indicated that Azure Linux includes the affected component and is potentially impacted, with plans to expand attestations to other product families if needed. Discussions on WindowsForum cover the technical details of the race condition, the affected driver, and Microsoft's response regarding Azure Linux and CSAF/VEX attestations.
A newly assigned Linux-kernel vulnerability, tracked as CVE-2025-38485, exposes a race-condition use‑after‑free in the Industrial I/O (IIO) accelerometer driver for the FXLS8962AF sensor: a kernel interrupt handler can observe and use device state after the associated device object has left...