VDB
DEBIAN-CVE-2025-71136
DEBIAN-CVE-2025-71136
PUBLISHED
CVSS 7.099999904632568 HIGH
In the Linux kernel, the following vulnerability has been resolved: media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status() It's possible for cp_read() and hdmi_read() to return -EIO. Those values are further used as indexes for accessing arrays. Fix that by checking return values where it's needed. Found by Linux Verification Center (linuxtesting.org) with SVACE.
Risk Scores
CVSS v3.1
7.099999904632568
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | linux-6.1 | *, 6.1.159-1, 6.1.158-1 |
| Debian:11 | linux | 5.10.205-1, 5.10.216-1, 5.10.103-1 |
| Debian:14 | linux | 6.17.10-1, 6.17.11-1, 6.17.12-1 |
| Debian:13 | linux | 6.12.63-1, 6.12.48-1, 6.12.69-1 |
| Debian:12 | linux | 6.1.147-1, 6.1.37-1, 6.1.27-1 |
Timeline
- Jan 14, 2026 CVE Published
- Apr 28, 2026 CVE Updated