-

CVE-2025-71196

EPSS 0.04%
Veröffentlicht 04.02.2026 16:04:17
Zuletzt bearbeitet 06.02.2026 17:16:20
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

phy: stm32-usphyc: Fix off by one in probe()

The "index" variable is used as an index into the usbphyc->phys[] array
which has usbphyc->nphys elements.  So if it is equal to usbphyc->nphys
then it is one element out of bounds.  The "index" comes from the
device tree so it's data that we trust and it's unlikely to be wrong,
however it's obviously still worth fixing the bug.  Change the > to >=.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 10

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < a9eec890879731c280697fdf1c50699e905b2fa7

Version 94c358da3a0545205c6c6a50ae26141f1c73acfa

Status affected

Version < fb9d513cdf1614bf0f0e785816afb1faae3f81af

Version 94c358da3a0545205c6c6a50ae26141f1c73acfa

Status affected

Version < c06f13876cbad702582cd67fc77356e5524d02cd

Version 94c358da3a0545205c6c6a50ae26141f1c73acfa

Status affected

Version < 76b870fdaad82171a24b8aacffe5e4d9e0d2ee2c

Version 94c358da3a0545205c6c6a50ae26141f1c73acfa

Status affected

Version < b91c9f6bfb04e430adeeac7e7ebc9d80f9d72bad

Version 94c358da3a0545205c6c6a50ae26141f1c73acfa

Status affected

Version < 7c27eaf183563b86d815ff6e9cca0210b4cfa051

Version 94c358da3a0545205c6c6a50ae26141f1c73acfa

Status affected

Version < cabd25b57216ddc132efbcc31f972baa03aad15a

Version 94c358da3a0545205c6c6a50ae26141f1c73acfa

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.17

Status affected

Version < 4.17

Version 0

Status unaffected

Version <= 5.10.*

Version 5.10.249

Status unaffected

Version <= 5.15.*

Version 5.15.199

Status unaffected

Version <= 6.1.*

Version 6.1.162

Status unaffected

Version <= 6.6.*

Version 6.6.122

Status unaffected

Version <= 6.12.*

Version 6.12.67

Status unaffected

Version <= 6.18.*

Version 6.18.7

Status unaffected

Version <= *

Version 6.19

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.099

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/76b870fdaad82171a24b8aacffe5e4d9e0d2ee2c

https://git.kernel.org/stable/c/b91c9f6bfb04e430adeeac7e7ebc9d80f9d72bad

https://git.kernel.org/stable/c/7c27eaf183563b86d815ff6e9cca0210b4cfa051

https://git.kernel.org/stable/c/cabd25b57216ddc132efbcc31f972baa03aad15a

https://git.kernel.org/stable/c/a9eec890879731c280697fdf1c50699e905b2fa7

https://git.kernel.org/stable/c/c06f13876cbad702582cd67fc77356e5524d02cd

https://git.kernel.org/stable/c/fb9d513cdf1614bf0f0e785816afb1faae3f81af

https://nvd.nist.gov/vuln/detail/CVE-2025-71196

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-71196

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-71196

EUVD