Linux Kernel: Fix UCSI num_connectors 8th-bit bug causing boot failure
CVE-2025-71108 Published on January 14, 2026
usb: typec: ucsi: Handle incorrect num_connectors capability
In the Linux kernel, the following vulnerability has been resolved:
usb: typec: ucsi: Handle incorrect num_connectors capability
The UCSI spec states that the num_connectors field is 7 bits, and the
8th bit is reserved and should be set to zero.
Some buggy FW has been known to set this bit, and it can lead to a
system not booting.
Flag that the FW is not behaving correctly, and auto-fix the value
so that the system boots correctly.
Found on Lenovo P1 G8 during Linux enablement program. The FW will
be fixed, but seemed worth addressing in case it hit platforms that
aren't officially Linux supported.
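The handling described above (clear the reserved 8th bit and flag the firmware) can be sketched as follows. This is an added example, not the kernel's own code: the names, the rejection of a zero count, and the sample bytes are assumptions constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Per the description: num_connectors is 7 bits wide, the 8th bit is reserved. */
#define NUM_CONNECTORS_MASK 0x7Fu /* hypothetical name */
#define NUM_CONNECTORS_RSVD 0x80u /* hypothetical name */

struct conn_count {
    uint8_t count;  /* usable connector count, 0..127 */
    bool fw_quirk;  /* true if firmware set the reserved bit */
};

/*
 * Sanitize the raw capability byte before anything sizes arrays or loops on it.
 * Returns 0 on success, -1 if no connectors remain after masking
 * (rejecting zero is an assumption of this example).
 */
static int sanitize_num_connectors(uint8_t raw, struct conn_count *out)
{
    out->fw_quirk = (raw & NUM_CONNECTORS_RSVD) != 0;
    out->count = (uint8_t)(raw & NUM_CONNECTORS_MASK);

    if (out->fw_quirk)
        fprintf(stderr,
                "firmware bug: reserved bit set in num_connectors "
                "(raw=0x%02x), using %u\n",
                (unsigned)raw, (unsigned)out->count);

    return out->count ? 0 : -1;
}

int main(void)
{
    /* Constructed sample bytes, not captured from real firmware. */
    static const uint8_t samples[] = { 0x02, 0x82, 0x80 };

    for (size_t i = 0; i < sizeof(samples); i++) {
        struct conn_count c;
        int ret = sanitize_num_connectors(samples[i], &c);

        /* Unmasked, 0x82 would be read as 130 connectors instead of 2. */
        printf("raw=0x%02x unmasked=%u count=%u quirk=%d ret=%d\n",
               (unsigned)samples[i], (unsigned)samples[i],
               (unsigned)c.count, c.fw_quirk, ret);
    }
    return 0;
}
```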
Affected Versions
Linux:
- Version 4.13 is affected.
- Versions before 4.13 are unaffected.
- Versions 5.10.248 through 5.10.* are unaffected.
- Versions 5.15.198 through 5.15.* are unaffected.
- Versions 6.1.160 through 6.1.* are unaffected.
- Versions 6.6.120 through 6.6.* are unaffected.
- Versions 6.12.64 through 6.12.* are unaffected.
- Versions 6.18.3 through 6.18.* are unaffected.
- Versions 6.19 and later are unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.