CVE-2025-71136

Description

In the Linux kernel, the following vulnerability has been resolved: media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status() It's possible for cp_read() and hdmi_read() to return -EIO. Those values are further used as indexes for accessing arrays. Fix that by checking return values where it's needed. Found by Linux Verification Center (linuxtesting.org) with SVACE.

CVSS Details

CVSS Score

7.1

Severity

HIGH

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Configurations (Affected Products)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* - VULNERABLE

Linux内核 adv7842驱动 < 修复版本

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

需要编写PoC代码演示此漏洞

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2025-71136
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2025-71136
[3] CVE Details https://www.cvedetails.com/cve/CVE-2025-71136/
[4] VulDB https://vuldb.com/cve/CVE-2025-71136
[5] https://git.kernel.org/stable/c/60dde0960e3ead8a9569f6c494d90d0232ac0983
[6] https://git.kernel.org/stable/c/8163419e3e05d71dcfa8fb49c8fdf8d76908fe51
[7] https://git.kernel.org/stable/c/a73881ae085db5702d8b13e2fc9f78d51c723d3f
[8] https://git.kernel.org/stable/c/b693d48a6ed0cd09171103ad418e4a693203d6e4
[9] https://git.kernel.org/stable/c/d6a22a4a96e4dfe6897cb3532d2b3016d87706f0
[10] https://git.kernel.org/stable/c/f81ee181cb036d046340c213091b69d9a8701a76
[11] https://git.kernel.org/stable/c/f913b9a2ccd6114b206b9e91dae5e3dc13a415a0

Raw JSON Data

JSON

{"cve": {"id": "CVE-2025-71136", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2026-01-14T15:16:03.383", "lastModified": "2026-03-25T18:03:37.533", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status()\n\nIt's possible for cp_read() and hdmi_read() to return -EIO. Those\nvalues are further used as indexes for accessing arrays.\n\nFix that by checking return values where it's needed.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."}, {"lang": "es", "value": "En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\nmedia: adv7842: Evitar posibles accesos a arrays fuera de límites en adv7842_cp_log_status()\n\nEs posible que cp_read() y hdmi_read() devuelvan -EIO. Esos valores se utilizan además como índices para acceder a arrays.\n\nSolucionar esto comprobando los valores de retorno donde sea necesario.\n\nEncontrado por Linux Verification Center (linuxtesting.org) con SVACE."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "baseScore": 7.1, "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 5.2}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-125"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.12.1", "versionEndExcluding": "5.10.248", "matchCriteriaId": "A59E1614-05E4-4BE5-ACD0-ACF39FD14E7A"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.11", "versionEndExcluding": "5.15.198", "matchCriteriaId": "82159CAA-B6BA-43C6-85D8-65BDBC175A7E"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.16", "versionEndExcluding": "6.1.160", "matchCriteriaId": "C10CC03E-16A9-428A-B449-40D3763E15F6"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2", "versionEndExcluding": "6.6.120", "matchCriteriaId": "43C3A206-5EEE-417B-AA0F-EF8972E7A9F0"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.7", "versionEndExcluding": "6.12.64", "matchCriteriaId": "32BF4A52-377C-44ED-B5E6-7EA5D896E98B"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.13", "versionEndExcluding": "6.18.4", "matchCriteriaId": "DC988EA0-0E32-457A-BF95-89BEB31A227B"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:3.12:-:*:*:*:*:*:*", "matchCriteriaId": "5BAA3B29-CC59-41A5-AFBD-D7C24E65FC2F"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc1:*:*:*:*:*:*", "matchCriteriaId": "17B67AA7-40D6-4AFA-8459-F200F3D7CFD1"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc2:*:*:*:*:*:*", "matchCriteriaId": "C47E4CC9-C826-4FA9-B014-7FE3D9B318B2"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc3:*:*:*:*:*:*", "matchCriteriaId": "F71D92C0-C023-48BD-B3B6-70B638EEE298"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc4:*:*:*:*:*:*", "matchCriteriaId": "13580667-0A98-40CC-B29F-D12790B91BDB"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc5:*:*:*:*:*:*", "matchCriteriaId": "CAD1FED7-CF48-47BF-AC7D-7B6FA3C065FC"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc6:*:*:*:*:*:*", "matchCriteriaId": "3EF854A1-ABB1-4E93-BE9A-44569EC76C0D"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc7:*:*:*:*:*:*", "matchCriteriaId": "F5DC0CA6-F0AF-4DDF-A882-3DADB9A886A7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc8:*:*:*:*:*:*", "matchCriteriaId": "EB5B7DFC-C36B-45D8-922C-877569FDDF43"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/60dde0960e3ead8a9569f6c494d90d0232ac0983", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"]}, {"url": "https://git.kernel.org/stable/c/8163419e3e05d71dcfa8fb49c8fdf8d76908fe51", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"]}, {"url": "https://git.kernel.org/stable/c/a73881ae085db5702d8b13e2fc9f78d51c723d3f", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"]}, {"url": "https://git.kernel.org/stable/c/b693d48a6ed0cd09171103ad418e4a693203d6e4", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", " ... (truncated)