Vulnerability Details CVE-2025-71136
In the Linux kernel, the following vulnerability has been resolved:
media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status()
It's possible for cp_read() and hdmi_read() to return -EIO. Those
values are further used as indexes for accessing arrays.
Fix that by checking return values where it's needed.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.4%
CVSS Severity
References
- https://git.kernel.org/stable/c/60dde0960e3ead8a9569f6c494d90d0232ac0983
- https://git.kernel.org/stable/c/8163419e3e05d71dcfa8fb49c8fdf8d76908fe51
- https://git.kernel.org/stable/c/a73881ae085db5702d8b13e2fc9f78d51c723d3f
- https://git.kernel.org/stable/c/b693d48a6ed0cd09171103ad418e4a693203d6e4
- https://git.kernel.org/stable/c/d6a22a4a96e4dfe6897cb3532d2b3016d87706f0
- https://git.kernel.org/stable/c/f81ee181cb036d046340c213091b69d9a8701a76
- https://git.kernel.org/stable/c/f913b9a2ccd6114b206b9e91dae5e3dc13a415a0