Linux Kernel hp-bioscfg OOB in ACPI Parsing
CVE-2025-71101 Published on January 13, 2026
platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing
In the Linux kernel, the following vulnerability has been resolved:
platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing
The hp_populate_*_elements_from_package() functions in the hp-bioscfg
driver contain out-of-bounds array access vulnerabilities.
These functions parse ACPI packages into internal data structures using
a for loop with index variable 'elem' that iterates through
enum_obj/integer_obj/order_obj/password_obj/string_obj arrays.
When processing multi-element fields like PREREQUISITES and
ENUM_POSSIBLE_VALUES, these functions read multiple consecutive array
elements using expressions like 'enum_obj[elem + reqs]' and
'enum_obj[elem + pos_values]' within nested loops.
The bug is that the bounds check only validated elem, but did not consider
the additional offset when accessing elem + reqs or elem + pos_values.
The fix changes the bounds check to validate the actual accessed index.
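The check described above, as an added example in C; this is a simplified model written for this page, not the hp-bioscfg driver's code. The flat integer array, the layout (a count field followed by the prerequisite values), `MAX_REQS` and all function names are assumptions, and the pre-fix variant only reports the index it would read so the demo itself stays in bounds.

```c
#include <stddef.h>
#include <stdio.h>

#define MAX_REQS 8 /* hypothetical cap for this model */

struct parsed { int reqs[MAX_REQS]; size_t nreqs; };

/* Constructed packages: obj[0] is the prerequisite count (assumed layout),
 * followed by the prerequisite values. The second one is one entry short. */
static const int good_pkg[]      = { 2, 10, 11 };
static const int truncated_pkg[] = { 3, 10, 11 };

/* Pre-fix pattern: only 'elem' is checked. To stay memory-safe this model
 * returns the highest index the loop would read instead of reading it. */
static size_t highest_index_elem_check(const int *obj, size_t count, size_t elem)
{
    size_t size = elem ? (size_t)obj[elem - 1] : 0, hi = 0;
    for (size_t reqs = 0; reqs < size && reqs < MAX_REQS; reqs++) {
        if (elem >= count)      /* validates the loop base, not the access */
            break;
        hi = elem + reqs;       /* index of obj[elem + reqs] */
    }
    return hi;
}

/* Fixed pattern: validate the index actually accessed.
 * Returns 0 on success, -1 if the package is too short or malformed. */
static int parse_prereqs(const int *obj, size_t count, size_t elem,
                         struct parsed *out)
{
    if (elem == 0 || elem > count || obj[elem - 1] < 0 || obj[elem - 1] > MAX_REQS)
        return -1;
    out->nreqs = 0;
    for (size_t reqs = 0; reqs < (size_t)obj[elem - 1]; reqs++) {
        if (elem + reqs >= count)   /* bounds-check elem + reqs, not elem */
            return -1;
        out->reqs[out->nreqs++] = obj[elem + reqs];
    }
    return 0;
}

int main(void)
{
    struct parsed p;
    printf("elem-only check would read index %zu of 3 elements\n",
           highest_index_elem_check(truncated_pkg, 3, 1));
    printf("fixed check returns %d\n", parse_prereqs(truncated_pkg, 3, 1, &p));
    return 0;
}
```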
Products Associated with CVE-2025-71101
Affected Versions
Linux:
- Version e6c7b3e15559699a30646dd45195549c7db447bd and below cf7ae870560b988247a4bbbe5399edd326632680 is affected.
- Version e6c7b3e15559699a30646dd45195549c7db447bd and below db4c26adf7117b1a4431d1197ae7109fee3230ad is affected.
- Version e6c7b3e15559699a30646dd45195549c7db447bd and below 79cab730dbaaac03b946c7f5681bd08c986e2abd is affected.
- Version e6c7b3e15559699a30646dd45195549c7db447bd and below e44c42c830b7ab36e3a3a86321c619f24def5206 is affected.
- Version 6.6 is affected.
- Before 6.6 is unaffected.
- Version 6.6.120, <= 6.6.* is unaffected.
- Version 6.12.64, <= 6.12.* is unaffected.
- Version 6.18.4, <= 6.18.* is unaffected.
- Version 6.19, <= * is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.