Cyber Resilience

CVE-2025-71136

High

Published: 14 January 2026

Published
14 January 2026
Modified
25 March 2026
KEV Added
Patch
CVSS Score v3.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
EPSS Score 0.0002 6.7th percentile
Risk Priority 14 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-71136 is a high-severity Out-of-bounds Read (CWE-125) vulnerability in Linux Linux Kernel. Its CVSS base score is 7.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 6.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-11 (Error Handling).

Deeper analysis

CVE-2025-71136 is a vulnerability in the Linux kernel's media subsystem, specifically the adv7842 driver. The issue occurs in the adv7842_cp_log_status() function, where return values from cp_read() and hdmi_read()—which can be -EIO—are used directly as indexes for array accesses without prior validation, potentially leading to out-of-bounds reads. This flaw, classified under CWE-125 (Out-of-bounds Read), was identified by the Linux Verification Center using SVACE static analysis and carries a CVSS v3.1 base score of 7.1 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H).

A local attacker with low privileges can exploit this vulnerability with low complexity and no user interaction required. Successful exploitation enables high-impact confidentiality violations, such as unauthorized access to sensitive kernel memory, and high-impact availability disruptions, potentially including system crashes or denial of service.

Mitigation involves applying the relevant stable kernel patches, as detailed in the upstream commit references: https://git.kernel.org/stable/c/60dde0960e3ead8a9569f6c494d90d0232ac0983, https://git.kernel.org/stable/c/8163419e3e05d71dcfa8fb49c8fdf8d76908fe51, https://git.kernel.org/stable/c/a73881ae085db5702d8b13e2fc9f78d51c723d3f, https://git.kernel.org/stable/c/b693d48a6ed0cd09171103ad418e4a693203d6e4, and https://git.kernel.org/stable/c/d6a22a4a96e4dfe6897cb3532d2b3016d87706f0. These commits add return value checks before array indexing to prevent the out-of-bounds accesses.

EU & UK References

Vulnerability details

In the Linux kernel, the following vulnerability has been resolved: media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status() It's possible for cp_read() and hdmi_read() to return -EIO. Those values are further used as indexes for accessing arrays. Fix that…

more

by checking return values where it's needed. Found by Linux Verification Center (linuxtesting.org) with SVACE.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
T1212 Exploitation for Credential Access Credential Access
Adversaries may exploit software vulnerabilities in an attempt to collect credentials.
T1499.004 Application or System Exploitation Impact
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

Kernel OOB read in adv7842 driver directly enables local exploitation for privilege escalation (T1068), credential access via kernel memory disclosure (T1212), and system DoS via crash (T1499.004).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-23076Same product: Linux Linux Kernel
CVE-2025-71101Same product: Linux Linux Kernel
CVE-2026-31528Same product: Linux Linux Kernel
CVE-2024-57982Same product: Linux Linux Kernel
CVE-2025-21743Same product: Linux Linux Kernel
CVE-2026-31774Same product: Linux Linux Kernel
CVE-2026-23325Same product: Linux Linux Kernel
CVE-2025-21815Same product: Linux Linux Kernel
CVE-2026-31779Same product: Linux Linux Kernel
CVE-2026-43051Same product: Linux Linux Kernel

Affected Assets

linux
linux kernel
3.12, 6.19 · 3.12.1 — 5.10.248 · 5.11 — 5.15.198 · 5.16 — 6.1.160

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires validation of untrusted return values (cp_read/hdmi_read) before they are used as array indexes, preventing the out-of-bounds read in adv7842_cp_log_status().

prevent

Requires proper handling of error returns such as -EIO so they are never propagated into pointer or array arithmetic in kernel drivers.

prevent

Mandates timely application of the kernel patches that insert the missing return-value checks before array indexing.

References