| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2026011411-CVE-2025-71108-2969@gregkh> Date: Wed, 14 Jan 2026 16:06:13 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2025-71108: usb: typec: ucsi: Handle incorrect num_connectors capability From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Handle incorrect num_connectors capability The UCSI spec states that the num_connectors field is 7 bits, and the 8th bit is reserved and should be set to zero. Some buggy FW has been known to set this bit, and it can lead to a system not booting. Flag that the FW is not behaving correctly, and auto-fix the value so that the system boots correctly. Found on Lenovo P1 G8 during Linux enablement program. The FW will be fixed, but seemed worth addressing in case it hit platforms that aren't officially Linux supported. The Linux kernel CVE team has assigned CVE-2025-71108 to this issue. Affected and fixed versions =========================== Fixed in 6.1.160 with commit f72f97d0aee4a993a35f2496bca5efd24827235d Fixed in 6.6.120 with commit 914605b0de8128434eafc9582445306830748b93 Fixed in 6.12.64 with commit 3042a57a8e8bce4a3100c3f6f03dc372aab24943 Fixed in 6.18.3 with commit 132fe187e0d940f388f839fe2cde9b84106ad20d Fixed in 6.19-rc1 with commit 30cd2cb1abf4c4acdb1ddb468c946f68939819fb Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2025-71108 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/usb/typec/ucsi/ucsi.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/f72f97d0aee4a993a35f2496bca5efd24827235d https://git.kernel.org/stable/c/914605b0de8128434eafc9582445306830748b93 https://git.kernel.org/stable/c/3042a57a8e8bce4a3100c3f6f03dc372aab24943 https://git.kernel.org/stable/c/132fe187e0d940f388f839fe2cde9b84106ad20d https://git.kernel.org/stable/c/30cd2cb1abf4c4acdb1ddb468c946f68939819fb
Powered by blists - more mailing lists