Main Vulnerability Database SB20260113108

SB20260113108 - Out-of-bounds read in Linux kernel hp hp-bioscfg driver

Published: January 13, 2026

Security Bulletin ID SB20260113108

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Out-of-bounds read (CVE-ID: CVE-2025-71101)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the hp_populate_string_elements_from_package() function in drivers/platform/x86/hp/hp-bioscfg/string-attributes.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/79cab730dbaaac03b946c7f5681bd08c986e2abd
https://git.kernel.org/stable/c/cf7ae870560b988247a4bbbe5399edd326632680
https://git.kernel.org/stable/c/db4c26adf7117b1a4431d1197ae7109fee3230ad
https://git.kernel.org/stable/c/e44c42c830b7ab36e3a3a86321c619f24def5206