CVE-2025-71200

In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-of-dwcmshc: Prevent illegal clock reduction in HS200/HS400 mode When operating in HS200 or HS400 timing modes, reducing the clock frequency below 52MHz will lead to link broken as the Rockchip DWC MSHC controller requires maintaining a minimum clock of 52MHz in these modes. Add a check to prevent illegal clock reduction through debugfs: root@debian:/# echo 50000000 > /sys/kernel/debug/mmc0/clock root@debian:/# [ 30.090146] mmc0: running CQE recovery mmc0: cqhci: Failed to halt mmc0: cqhci: spurious TCN for tag 0 WARNING: drivers/mmc/host/cqhci-core.c:797 at cqhci_irq+0x254/0x818, CPU#1: kworker/1:0H/24 Modules linked in: CPU: 1 UID: 0 PID: 24 Comm: kworker/1:0H Not tainted 6.19.0-rc1-00001-g09db0998649d-dirty #204 PREEMPT Hardware name: Rockchip RK3588 EVB1 V10 Board (DT) Workqueue: kblockd blk_mq_run_work_fn pstate: 604000c9 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : cqhci_irq+0x254/0x818 lr : cqhci_irq+0x254/0x818 ...

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/3009738a855cf938bbfc9078bec725031ae623a4	Patch
https://git.kernel.org/stable/c/36be050f21dea7a3a76dff5a031da6274e8ee468	Patch
https://git.kernel.org/stable/c/59b8a1ca6df4db2ca250e9eeab74e2b0068d69e9	Patch
https://git.kernel.org/stable/c/de0ad7156036a50982bcb75a080e4af284502be2	Patch
https://git.kernel.org/stable/c/f2677d6e2bbc5ba2030825522d2afd0542b038a3	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc6::::::

History

18 Mar 2026, 13:42

Type	Values Removed	Values Added
CWE		NVD-CWE-noinfo
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
CPE		cpe:2.3:o:linux:linux_kernel:6.19:rc5:::::: cpe:2.3:o:linux:linux_kernel:6.19:rc4:::::: cpe:2.3:o:linux:linux_kernel:6.19:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.19:rc2:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.19:rc6:::::: cpe:2.3:o:linux:linux_kernel:6.19:rc3::::::
First Time		Linux Linux linux Kernel
References	~~() https://git.kernel.org/stable/c/3009738a855cf938bbfc9078bec725031ae623a4 -~~	() https://git.kernel.org/stable/c/3009738a855cf938bbfc9078bec725031ae623a4 - Patch
References	~~() https://git.kernel.org/stable/c/36be050f21dea7a3a76dff5a031da6274e8ee468 -~~	() https://git.kernel.org/stable/c/36be050f21dea7a3a76dff5a031da6274e8ee468 - Patch
References	~~() https://git.kernel.org/stable/c/59b8a1ca6df4db2ca250e9eeab74e2b0068d69e9 -~~	() https://git.kernel.org/stable/c/59b8a1ca6df4db2ca250e9eeab74e2b0068d69e9 - Patch
References	~~() https://git.kernel.org/stable/c/de0ad7156036a50982bcb75a080e4af284502be2 -~~	() https://git.kernel.org/stable/c/de0ad7156036a50982bcb75a080e4af284502be2 - Patch
References	~~() https://git.kernel.org/stable/c/f2677d6e2bbc5ba2030825522d2afd0542b038a3 -~~	() https://git.kernel.org/stable/c/f2677d6e2bbc5ba2030825522d2afd0542b038a3 - Patch

18 Feb 2026, 17:52

Type	Values Removed	Values Added
Summary		(es) En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: mmc: sdhci-of-dwcmshc: Evitar la reducción ilegal del reloj en modo HS200/HS400 Al operar en los modos de temporización HS200 o HS400, reducir la frecuencia del reloj por debajo de 52MHz provocará la interrupción del enlace, ya que el controlador Rockchip DWC MSHC requiere mantener un reloj mínimo de 52MHz en estos modos. Añadir una comprobación para evitar la reducción ilegal del reloj a través de debugfs: root@debian:/# echo 50000000 > /sys/kernel/debug/mmc0/clock root@debian:/# [ 30.090146] mmc0: ejecutando recuperación de CQE mmc0: cqhci: Fallo al detener mmc0: cqhci: TCN espurio para la etiqueta 0 ADVERTENCIA: drivers/mmc/host/cqhci-core.c:797 en cqhci_irq+0x254/0x818, CPU#1: kworker/1:0H/24 Módulos enlazados: CPU: 1 UID: 0 PID: 24 Comm: kworker/1:0H No contaminado 6.19.0-rc1-00001-g09db0998649d-dirty #204 PREEMPT Nombre del hardware: Placa Rockchip RK3588 EVB1 V10 (DT) Cola de trabajo: kblockd blk_mq_run_work_fn pstate: 604000c9 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : cqhci_irq+0x254/0x818 lr : cqhci_irq+0x254/0x818 ...

14 Feb 2026, 15:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-02-14 15:16

Updated : 2026-03-18 13:42

NVD link : CVE-2025-71200

Mitre link : CVE-2025-71200

CVE.ORG link : CVE-2025-71200

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-noinfo

5.5 /10