Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status() It's possible for cp_read() and hdmi_read() to return -EIO. Those values are further used as indexes for accessing arrays. Fix that by checking return values where it's needed. Found by Linux Verification Center (linuxtesting.org) with SVACE.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 3.12.1, < 5.10.248 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/60dde0960e3ead8a9569f6c494d90d0232ac0983Patch
- https://git.kernel.org/stable/c/8163419e3e05d71dcfa8fb49c8fdf8d76908fe51Patch
- https://git.kernel.org/stable/c/a73881ae085db5702d8b13e2fc9f78d51c723d3fPatch
- https://git.kernel.org/stable/c/b693d48a6ed0cd09171103ad418e4a693203d6e4Patch
- https://git.kernel.org/stable/c/d6a22a4a96e4dfe6897cb3532d2b3016d87706f0Patch
- https://git.kernel.org/stable/c/f81ee181cb036d046340c213091b69d9a8701a76Patch
- https://git.kernel.org/stable/c/f913b9a2ccd6114b206b9e91dae5e3dc13a415a0Patch
FAQ
What is CVE-2025-71136?
CVE-2025-71136 is a vulnerability with a CVSS score of 7.1 (HIGH). In the Linux kernel, the following vulnerability has been resolved: media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status() It's possible for cp_read() and hdmi_read()...
How severe is CVE-2025-71136?
CVE-2025-71136 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-71136?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.