CVE-2025-71136 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved:

media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status()

It's possible for cp_read() and hdmi_read() to return -EIO. Those
values are further used as indexes for accessing arrays.

Fix that by checking return values where it's needed.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/60dde0960e3ead8a9569f6c494d90d0232ac0983
https://git.kernel.org/stable/c/8163419e3e05d71dcfa8fb49c8fdf8d76908fe51
https://git.kernel.org/stable/c/a73881ae085db5702d8b13e2fc9f78d51c723d3f
https://git.kernel.org/stable/c/b693d48a6ed0cd09171103ad418e4a693203d6e4
https://git.kernel.org/stable/c/d6a22a4a96e4dfe6897cb3532d2b3016d87706f0

History

Wed, 14 Jan 2026 15:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status() It's possible for cp_read() and hdmi_read() to return -EIO. Those values are further used as indexes for accessing arrays. Fix that by checking return values where it's needed. Found by Linux Verification Center (linuxtesting.org) with SVACE.
Title		media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status()
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/60dde0960e3ead8a9569f6c494d90d0232ac0983 https://git.kernel.org/stable/c/8163419e3e05d71dcfa8fb49c8fdf8d76908fe51 https://git.kernel.org/stable/c/a73881ae085db5702d8b13e2fc9f78d51c723d3f https://git.kernel.org/stable/c/b693d48a6ed0cd09171103ad418e4a693203d6e4 https://git.kernel.org/stable/c/d6a22a4a96e4dfe6897cb3532d2b3016d87706f0

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-01-14T15:07:50.568Z

Updated: 2026-01-14T15:07:50.568Z

Reserved: 2026-01-13T15:30:19.656Z

Link: CVE-2025-71136

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-01-14T15:16:03.383

Modified: 2026-01-14T16:25:12.057

Link: CVE-2025-71136

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

No weakness.

Metrics

Affected Vendors & Products

Projects

Metrics

Affected Vendors & Products

Projects

JSON object

JSON object

JSON object

JSON object

JSON object