CVE-2025-71200

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.19.0-rc1-00001-g09db0998649d

Description The Linux kernel contains an issue in the mmc subsystem, specifically within the sdhci-of-dwcmshc driver. When operating in HS200 or HS400 timing modes, reducing the clock frequency below 52MHz can lead to link breakage, as the Rockchip DWC MSHC controller requires a minimum clock frequency of 52MHz in these modes. A check has been added to prevent illegal clock reduction through debugfs. The issue can be triggered by setting a clock frequency below the required minimum via the debugfs interface, for example, using the command echo 50000000 > /sys/kernel/debug/mmc0/clock. This can lead to errors such as 'mmc0: running CQE recovery' and 'mmc0: cqhci: Failed to halt'.

Recommendations Update to a version of the Linux kernel newer than 6.19.0-rc1-00001-g09db0998649d.