CVE-2025-71108
MEDIUM EPSS 2.4%
Published Jan 14, 20265mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Published Jan 14, 2026 5mo ago
Last Modified Jun 17, 2026 2w ago
Description
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Handle incorrect num_connectors capability The UCSI spec states that the num_connectors field is 7 bits, and the 8th bit is reserved and should be set to zero. Some buggy FW has been known to set this bit, and it can lead to a system not booting. Flag that the FW is not behaving correctly, and auto-fix the value so that the system boots correctly. Found on Lenovo P1 G8 during Linux enablement program. The FW will be fixed, but seemed worth addressing in case it hit platforms that aren't officially Linux supported.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
2.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 15
| Vendor | Product | Version | Range |
|---|---|---|---|
| linux | linux_kernel | * | ≥4.13.1 – <5.10.248 |
| linux | linux_kernel | * | ≥5.11 – <5.15.198 |
| linux | linux_kernel | * | ≥5.16 – <6.1.160 |
| linux | linux_kernel | * | ≥6.2 – <6.6.120 |
| linux | linux_kernel | * | ≥6.7 – <6.12.64 |
| linux | linux_kernel | * | ≥6.13 – <6.18.3 |
| linux | linux_kernel | 4.13 | any |
| linux | linux_kernel | 6.19 | any |
| linux | linux_kernel | 6.19 | any |
| linux | linux_kernel | 6.19 | any |
| linux | linux_kernel | 6.19 | any |
| linux | linux_kernel | 6.19 | any |
| linux | linux_kernel | 6.19 | any |
| linux | linux_kernel | 6.19 | any |
| linux | linux_kernel | 6.19 | any |
References 7
- git.kernel.org https://git.kernel.org/stable/c/07c8d2a109d847775b3b4e2c3294c8e1eea75432
- git.kernel.org https://git.kernel.org/stable/c/132fe187e0d940f388f839fe2cde9b84106ad20d
- git.kernel.org https://git.kernel.org/stable/c/3042a57a8e8bce4a3100c3f6f03dc372aab24943
- git.kernel.org https://git.kernel.org/stable/c/30cd2cb1abf4c4acdb1ddb468c946f68939819fb
- git.kernel.org https://git.kernel.org/stable/c/58941bbb0050e365a98c64f1fc4a9a0ac127dba6
- git.kernel.org https://git.kernel.org/stable/c/914605b0de8128434eafc9582445306830748b93
- git.kernel.org https://git.kernel.org/stable/c/f72f97d0aee4a993a35f2496bca5efd24827235d
Remediation
- git.kernel.org https://git.kernel.org/stable/c/07c8d2a109d847775b3b4e2c3294c8e1eea75432
- git.kernel.org https://git.kernel.org/stable/c/132fe187e0d940f388f839fe2cde9b84106ad20d
- git.kernel.org https://git.kernel.org/stable/c/3042a57a8e8bce4a3100c3f6f03dc372aab24943
- git.kernel.org https://git.kernel.org/stable/c/30cd2cb1abf4c4acdb1ddb468c946f68939819fb
- git.kernel.org https://git.kernel.org/stable/c/58941bbb0050e365a98c64f1fc4a9a0ac127dba6
- git.kernel.org https://git.kernel.org/stable/c/914605b0de8128434eafc9582445306830748b93
- git.kernel.org https://git.kernel.org/stable/c/f72f97d0aee4a993a35f2496bca5efd24827235d