FKIE_CVE-2025-71196

Vulnerability from fkie_nvd - Published: 2026-02-04 17:16 - Updated: 2026-02-06 17:16
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: phy: stm32-usphyc: Fix off by one in probe() The "index" variable is used as an index into the usbphyc->phys[] array which has usbphyc->nphys elements. So if it is equal to usbphyc->nphys then it is one element out of bounds. The "index" comes from the device tree so it's data that we trust and it's unlikely to be wrong, however it's obviously still worth fixing the bug. Change the > to >=.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/76b870fdaad82171a24b8aacffe5e4d9e0d2ee2c
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/7c27eaf183563b86d815ff6e9cca0210b4cfa051
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/a9eec890879731c280697fdf1c50699e905b2fa7
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/b91c9f6bfb04e430adeeac7e7ebc9d80f9d72bad
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/c06f13876cbad702582cd67fc77356e5524d02cd
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/cabd25b57216ddc132efbcc31f972baa03aad15a
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/fb9d513cdf1614bf0f0e785816afb1faae3f81af
Impacted products
Vendor Product Version
To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: stm32-usphyc: Fix off by one in probe()\n\nThe \"index\" variable is used as an index into the usbphyc-\u003ephys[] array\nwhich has usbphyc-\u003enphys elements.  So if it is equal to usbphyc-\u003enphys\nthen it is one element out of bounds.  The \"index\" comes from the\ndevice tree so it\u0027s data that we trust and it\u0027s unlikely to be wrong,\nhowever it\u0027s obviously still worth fixing the bug.  Change the \u003e to \u003e=."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\nphy: stm32-usphyc: Correcci\u00f3n de un error \u0027off by one\u0027 en probe()\n\nLa variable \u0027index\u0027 se utiliza como \u00edndice en el array usbphyc-\u0026gt;phys[] que tiene usbphyc-\u0026gt;nphys elementos. As\u00ed que si es igual a usbphyc-\u0026gt;nphys, entonces est\u00e1 un elemento fuera de los l\u00edmites. El \u0027index\u0027 proviene del \u00e1rbol de dispositivos, por lo que son datos en los que confiamos y es poco probable que sea incorrecto; sin embargo, obviamente, a\u00fan vale la pena corregir el error. Cambiar el \u0026gt; por \u0026gt;=."
    }
  ],
  "id": "CVE-2025-71196",
  "lastModified": "2026-02-06T17:16:20.073",
  "metrics": {},
  "published": "2026-02-04T17:16:11.530",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/76b870fdaad82171a24b8aacffe5e4d9e0d2ee2c"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/7c27eaf183563b86d815ff6e9cca0210b4cfa051"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/a9eec890879731c280697fdf1c50699e905b2fa7"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/b91c9f6bfb04e430adeeac7e7ebc9d80f9d72bad"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/c06f13876cbad702582cd67fc77356e5524d02cd"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/cabd25b57216ddc132efbcc31f972baa03aad15a"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/fb9d513cdf1614bf0f0e785816afb1faae3f81af"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.