CVE-2025-71136
Low
Low
Medium
High
Critical
CVSS Score
Published: Jan 14, 2026
Last Modified: Jan 14, 2026
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved:
media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status()
It's possible for cp_read() and hdmi_read() to return -EIO. Those
values are further used as indexes for accessing arrays.
Fix that by checking return values where it's needed.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
References & Resources
-
https://git.kernel.org/stable/c/60dde0960e3ead8a9569f6c494d90d0232ac0983416baaa9-dc9f-4396-8d5f-8c081fb06d67
-
https://git.kernel.org/stable/c/8163419e3e05d71dcfa8fb49c8fdf8d76908fe51416baaa9-dc9f-4396-8d5f-8c081fb06d67
-
https://git.kernel.org/stable/c/a73881ae085db5702d8b13e2fc9f78d51c723d3f416baaa9-dc9f-4396-8d5f-8c081fb06d67
-
https://git.kernel.org/stable/c/b693d48a6ed0cd09171103ad418e4a693203d6e4416baaa9-dc9f-4396-8d5f-8c081fb06d67
-
https://git.kernel.org/stable/c/d6a22a4a96e4dfe6897cb3532d2b3016d87706f0416baaa9-dc9f-4396-8d5f-8c081fb06d67
Severity Details
out of 10.0
Low
Key Information
- Published Date
- January 14, 2026
