In the Linux kernel, the following vulnerability has been resolved:

iio: frequency: admv1013: fix NULL pointer dereference on str

When device_property_read_string() fails, str is left uninitialized
but the code falls through to strcmp(str, ...), dereferencing a garbage
pointer. Replace manual read/strcmp with
device_property_match_property_string() and consolidate the SE mode
enums into a single sequential enum, mapping to hardware register
values via a switch consistent with other bitfields in the driver.

Several cleanup patches have been applied to this driver recently so
this will need a manual backport.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
Linux Linux unaffected
Version Status Constraints
da35a7b526d9b258a2cb8b7816f736a41b32176b affected < 3a9d8ec2051c2d80158ed7bded5e158c42870037
da35a7b526d9b258a2cb8b7816f736a41b32176b affected < 5e9f1bad26df3d3afb3cbbfa408b6d6e809708ac
da35a7b526d9b258a2cb8b7816f736a41b32176b affected < 2dc8d26690bf4e7226409563221c37bc095c94ff
da35a7b526d9b258a2cb8b7816f736a41b32176b affected < aac0a51b16700b403a55b67ba495de021db78763
Linux Linux affected
Version Status Constraints
5.17 affected
0 unaffected < 5.17
6.12.86 unaffected ≤ 6.12.*
6.18.27 unaffected ≤ 6.18.*
7.0.4 unaffected ≤ 7.0.*
7.1-rc1 unaffected ≤ *

No data.

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors Products
Linux Subscribe
Linux Kernel Subscribe

Project Subscriptions

Vendors Products
Linux Subscribe
Linux Kernel Subscribe
Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://git.kernel.org/stable/c/2dc8d26690bf4e7226409563221c37bc095c94ff cve-icon cve-icon
https://git.kernel.org/stable/c/3a9d8ec2051c2d80158ed7bded5e158c42870037 cve-icon cve-icon
https://git.kernel.org/stable/c/5e9f1bad26df3d3afb3cbbfa408b6d6e809708ac cve-icon cve-icon
https://git.kernel.org/stable/c/aac0a51b16700b403a55b67ba495de021db78763 cve-icon cve-icon
History

Mon, 08 Jun 2026 19:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476

Mon, 08 Jun 2026 17:00:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: iio: frequency: admv1013: fix NULL pointer dereference on str When device_property_read_string() fails, str is left uninitialized but the code falls through to strcmp(str, ...), dereferencing a garbage pointer. Replace manual read/strcmp with device_property_match_property_string() and consolidate the SE mode enums into a single sequential enum, mapping to hardware register values via a switch consistent with other bitfields in the driver. Several cleanup patches have been applied to this driver recently so this will need a manual backport.
Title iio: frequency: admv1013: fix NULL pointer dereference on str
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-08T15:41:25.273Z

Reserved: 2026-05-13T15:03:33.110Z

Link: CVE-2026-46282

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-06-08T17:16:45.940

Modified: 2026-06-08T17:16:45.940

Link: CVE-2026-46282

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-08T19:15:30Z

Weaknesses