CVE-2025-71143Improper Validation of Array Index in Linux

CWE-129Improper Validation of Array Index14 documents7 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 95.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
13
LinuxLinux KernelDebian Linux+10 more
Timeline
PublishedJan 14
Latest updateApr 17

Description

In the Linux kernel, the following vulnerability has been resolved: clk: samsung: exynos-clkout: Assign .num before accessing .hws Commit f316cdff8d67 ("clk: Annotate struct clk_hw_onecell_data with __counted_by") annotated the hws member of 'struct clk_hw_onecell_data' with __counted_by, which informs the bounds sanitizer (UBSAN_BOUNDS) about the number of elements in .hws[], so that it can warn when .hws[] is accessed out of bounds. As noted in that change, the __counted_by member must be in

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages15 packages

Linuxlinux/linux_kernel6.6.06.6.120+2
NVDlinux/linux_kernel6.6.16.6.120+4
Debianlinux/linux_kernel< 6.12.69-1+1
CVEListV5linux/linuxf316cdff8d677db9ad9c90acb44c4cd535b0ee27fbf57f5e453dadadb3d29b2d1dbe067e3dc4e236+4
debiandebian/linux< linux 6.18.5-1 (forky)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
OSV
clk: samsung: exynos-clkout: Assign .num before accessing .hws2026-01-14
OSV
CVE-2025-71143: In the Linux kernel, the following vulnerability has been resolved: clk: samsung: exynos-clkout: Assign2026-01-14
GHSA
GHSA-7w9g-xvfr-q799: In the Linux kernel, the following vulnerability has been resolved: clk: samsung: exynos-clkout: Assign2026-01-14

📋Vendor Advisories

9
Ubuntu
Linux kernel (GCP) vulnerabilities2026-04-17
Ubuntu
Linux kernel (FIPS) vulnerabilities2026-04-17
Ubuntu
Linux kernel (Real-time) vulnerabilities2026-04-17
Ubuntu
Linux kernel (Real-time) vulnerabilities2026-04-17
Ubuntu
Linux kernel (NVIDIA) vulnerabilities2026-04-17

🕵️Threat Intelligence

1
Wiz
CVE-2025-71143 Impact, Exploitability, and Mitigation Steps | Wiz