Skip to main content

Linux Kernel EUVDEUVD-2026-28662

| CVE-2026-43356 MEDIUM
NULL Pointer Dereference (CWE-476)
2026-05-08 Linux GHSA-6g6f-cc29-q2wg
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
SUSE
MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

4
Analysis Generated
May 15, 2026 - 16:07 vuln.today
CVSS changed
May 15, 2026 - 16:07 NVD
5.5 (MEDIUM)
Patch available
May 08, 2026 - 16:18 EUVD
CVE Published
May 08, 2026 - 14:21 nvd
UNKNOWN (no severity yet)

DescriptionCVE.org

In the Linux kernel, the following vulnerability has been resolved:

iio: imu: adis: Fix NULL pointer dereference in adis_init

The adis_init() function dereferences adis->ops to check if the individual function pointers (write, read, reset) are NULL, but does not first check if adis->ops itself is NULL.

Drivers like adis16480, adis16490, adis16545 and others do not set custom ops and rely on adis_init() assigning the defaults. Since struct adis is zero-initialized by devm_iio_device_alloc(), adis->ops is NULL when adis_init() is called, causing a NULL pointer dereference:

Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 pc : adis_init+0xc0/0x118 Call trace: adis_init+0xc0/0x118 adis16480_probe+0xe0/0x670

Fix this by checking if adis->ops is NULL before dereferencing it, falling through to assign the default ops in that case.

AnalysisAI

A NULL pointer dereference in the Linux kernel's adis_init() function causes kernel crashes when initializing ADIS IMU drivers (adis16480, adis16490, adis16545). The function attempts to dereference adis->ops without first verifying it is non-NULL, triggering denial of service on affected systems during device probe. Exploitation requires local access with low privileges (CVSS AV:L/AC:L/PR:L). EPSS score of 0.02% (4th percentile) indicates minimal real-world exploitation likelihood. Vendor patches available across multiple stable kernel versions (6.19.9, 6.18.19, 7.0).

Technical ContextAI

This vulnerability affects the Industrial I/O (IIO) subsystem's ADIS IMU driver framework in the Linux kernel. The adis_init() function is responsible for initializing Analog Devices ADIS series inertial measurement unit drivers. When drivers call adis_init() without setting custom operations, the function should assign default operations. However, the code dereferences the adis->ops structure pointer to check individual function pointers (write, read, reset) before verifying adis->ops itself is non-NULL. Since struct adis is zero-initialized by devm_iio_device_alloc(), adis->ops starts as NULL, causing CWE-476 (NULL Pointer Dereference) during the probe sequence. This affects multiple ADIS driver variants (adis16480, adis16490, adis16545) that rely on default operations. The vulnerability was introduced in commit 3b29bcee8f6f703a5952b85fc2ffcbcfb0862db4 and exists in kernels from 6.15 onward until patched.

RemediationAI

Upgrade to patched Linux kernel versions: 6.18.19, 6.19.9, or 7.0 and later. Patches add NULL pointer check before dereferencing adis->ops in adis_init() function. Apply the appropriate stable kernel update for your distribution from vendor repositories or compile from source using commits ba19dd366528b961430f5195c2e382420703074f (mainline 7.0), 1a48f94c63a078e7b6a2e59a637fc0858dc6510c, or 9990cd4f8827bd1ae3fb6eb7407630d8d463c430 (stable branches). If immediate patching is not feasible, compensating controls include: blacklist affected ADIS IMU driver modules (adis16480, adis16490, adis16545) via /etc/modprobe.d/ configuration to prevent automatic loading-this prevents the crash but disables IMU functionality. Restrict physical access and disable USB/hardware hotplug capabilities to prevent local users from triggering device probe sequences. Review udev rules to prevent automatic module loading for ADIS devices. Note that blacklisting drivers eliminates IMU sensor functionality, making this workaround unsuitable for systems requiring these sensors operationally. Prioritize kernel patching for production industrial control systems and defer workarounds due to functional impact.

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed

Share

EUVD-2026-28662 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy