-

CVE-2025-71108

EPSS 0.03%
Veröffentlicht 14.01.2026 15:15:59
Zuletzt bearbeitet 19.01.2026 13:16:18
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

usb: typec: ucsi: Handle incorrect num_connectors capability

The UCSI spec states that the num_connectors field is 7 bits, and the
8th bit is reserved and should be set to zero.
Some buggy FW has been known to set this bit, and it can lead to a
system not booting.
Flag that the FW is not behaving correctly, and auto-fix the value
so that the system boots correctly.

Found on Lenovo P1 G8 during Linux enablement program. The FW will
be fixed, but seemed worth addressing in case it hit platforms that
aren't officially Linux supported.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 10

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 07c8d2a109d847775b3b4e2c3294c8e1eea75432

Version c1b0bc2dabfa884dea49c02adaf3cd6b52b33d2f

Status affected

Version < 58941bbb0050e365a98c64f1fc4a9a0ac127dba6

Version c1b0bc2dabfa884dea49c02adaf3cd6b52b33d2f

Status affected

Version < f72f97d0aee4a993a35f2496bca5efd24827235d

Version c1b0bc2dabfa884dea49c02adaf3cd6b52b33d2f

Status affected

Version < 914605b0de8128434eafc9582445306830748b93

Version c1b0bc2dabfa884dea49c02adaf3cd6b52b33d2f

Status affected

Version < 3042a57a8e8bce4a3100c3f6f03dc372aab24943

Version c1b0bc2dabfa884dea49c02adaf3cd6b52b33d2f

Status affected

Version < 132fe187e0d940f388f839fe2cde9b84106ad20d

Version c1b0bc2dabfa884dea49c02adaf3cd6b52b33d2f

Status affected

Version < 30cd2cb1abf4c4acdb1ddb468c946f68939819fb

Version c1b0bc2dabfa884dea49c02adaf3cd6b52b33d2f

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.13

Status affected

Version < 4.13

Version 0

Status unaffected

Version <= 5.10.*

Version 5.10.248

Status unaffected

Version <= 5.15.*

Version 5.15.198

Status unaffected

Version <= 6.1.*

Version 6.1.160

Status unaffected

Version <= 6.6.*

Version 6.6.120

Status unaffected

Version <= 6.12.*

Version 6.12.64

Status unaffected

Version <= 6.18.*

Version 6.18.3

Status unaffected

Version <= *

Version 6.19-rc1

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.088

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/132fe187e0d940f388f839fe2cde9b84106ad20d

https://git.kernel.org/stable/c/3042a57a8e8bce4a3100c3f6f03dc372aab24943

https://git.kernel.org/stable/c/30cd2cb1abf4c4acdb1ddb468c946f68939819fb

https://git.kernel.org/stable/c/914605b0de8128434eafc9582445306830748b93

https://git.kernel.org/stable/c/f72f97d0aee4a993a35f2496bca5efd24827235d

https://git.kernel.org/stable/c/07c8d2a109d847775b3b4e2c3294c8e1eea75432

https://git.kernel.org/stable/c/58941bbb0050e365a98c64f1fc4a9a0ac127dba6

https://nvd.nist.gov/vuln/detail/CVE-2025-71108

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-71108

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-71108

EUVD