{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-71200", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-31T11:36:51.193Z", "datePublished": "2026-02-14T15:09:45.689Z", "dateUpdated": "2026-02-14T15:09:45.689Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-02-14T15:09:45.689Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: sdhci-of-dwcmshc: Prevent illegal clock reduction in HS200/HS400 mode\n\nWhen operating in HS200 or HS400 timing modes, reducing the clock frequency\nbelow 52MHz will lead to link broken as the Rockchip DWC MSHC controller\nrequires maintaining a minimum clock of 52MHz in these modes.\n\nAdd a check to prevent illegal clock reduction through debugfs:\n\nroot@debian:/# echo 50000000 > /sys/kernel/debug/mmc0/clock\nroot@debian:/# [ 30.090146] mmc0: running CQE recovery\nmmc0: cqhci: Failed to halt\nmmc0: cqhci: spurious TCN for tag 0\nWARNING: drivers/mmc/host/cqhci-core.c:797 at cqhci_irq+0x254/0x818, CPU#1: kworker/1:0H/24\nModules linked in:\nCPU: 1 UID: 0 PID: 24 Comm: kworker/1:0H Not tainted 6.19.0-rc1-00001-g09db0998649d-dirty #204 PREEMPT\nHardware name: Rockchip RK3588 EVB1 V10 Board (DT)\nWorkqueue: kblockd blk_mq_run_work_fn\npstate: 604000c9 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : cqhci_irq+0x254/0x818\nlr : cqhci_irq+0x254/0x818\n..."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/mmc/host/sdhci-of-dwcmshc.c"], "versions": [{"version": "c6f361cba51c536e7a6af31973c6a4e5d7e4e2e4", "lessThan": "59b8a1ca6df4db2ca250e9eeab74e2b0068d69e9", "status": "affected", "versionType": "git"}, {"version": "c6f361cba51c536e7a6af31973c6a4e5d7e4e2e4", "lessThan": "f2677d6e2bbc5ba2030825522d2afd0542b038a3", "status": "affected", "versionType": "git"}, {"version": "c6f361cba51c536e7a6af31973c6a4e5d7e4e2e4", "lessThan": "de0ad7156036a50982bcb75a080e4af284502be2", "status": "affected", "versionType": "git"}, {"version": "c6f361cba51c536e7a6af31973c6a4e5d7e4e2e4", "lessThan": "36be050f21dea7a3a76dff5a031da6274e8ee468", "status": "affected", "versionType": "git"}, {"version": "c6f361cba51c536e7a6af31973c6a4e5d7e4e2e4", "lessThan": "3009738a855cf938bbfc9078bec725031ae623a4", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/mmc/host/sdhci-of-dwcmshc.c"], "versions": [{"version": "6.0", "status": "affected"}, {"version": "0", "lessThan": "6.0", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.162", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.122", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.68", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.8", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "6.1.162"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "6.6.122"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "6.12.68"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "6.18.8"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "6.19"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/59b8a1ca6df4db2ca250e9eeab74e2b0068d69e9"}, {"url": "https://git.kernel.org/stable/c/f2677d6e2bbc5ba2030825522d2afd0542b038a3"}, {"url": "https://git.kernel.org/stable/c/de0ad7156036a50982bcb75a080e4af284502be2"}, {"url": "https://git.kernel.org/stable/c/36be050f21dea7a3a76dff5a031da6274e8ee468"}, {"url": "https://git.kernel.org/stable/c/3009738a855cf938bbfc9078bec725031ae623a4"}], "title": "mmc: sdhci-of-dwcmshc: Prevent illegal clock reduction in HS200/HS400 mode", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "83DE4E0F-B87E-49B8-B0C7-D01CE9B22054", "versionEndExcluding": "6.1.162", "versionStartIncluding": "6.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "8EAAE395-0162-4BAF-9AD5-E9AF3C869C4F", "versionEndExcluding": "6.6.122", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "52F38E19-0FDD-4992-9D6D-D4169D689598", "versionEndExcluding": "6.12.68", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E65C6E79-7EBE-4C77-93F0-818CF5B38F4E", "versionEndExcluding": "6.18.8", "versionStartIncluding": "6.13", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc1:*:*:*:*:*:*", "matchCriteriaId": "17B67AA7-40D6-4AFA-8459-F200F3D7CFD1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc2:*:*:*:*:*:*", "matchCriteriaId": "C47E4CC9-C826-4FA9-B014-7FE3D9B318B2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc3:*:*:*:*:*:*", "matchCriteriaId": "F71D92C0-C023-48BD-B3B6-70B638EEE298", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc4:*:*:*:*:*:*", "matchCriteriaId": "13580667-0A98-40CC-B29F-D12790B91BDB", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc5:*:*:*:*:*:*", "matchCriteriaId": "CAD1FED7-CF48-47BF-AC7D-7B6FA3C065FC", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc6:*:*:*:*:*:*", "matchCriteriaId": "3EF854A1-ABB1-4E93-BE9A-44569EC76C0D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: sdhci-of-dwcmshc: Prevent illegal clock reduction in HS200/HS400 mode\n\nWhen operating in HS200 or HS400 timing modes, reducing the clock frequency\nbelow 52MHz will lead to link broken as the Rockchip DWC MSHC controller\nrequires maintaining a minimum clock of 52MHz in these modes.\n\nAdd a check to prevent illegal clock reduction through debugfs:\n\nroot@debian:/# echo 50000000 > /sys/kernel/debug/mmc0/clock\nroot@debian:/# [ 30.090146] mmc0: running CQE recovery\nmmc0: cqhci: Failed to halt\nmmc0: cqhci: spurious TCN for tag 0\nWARNING: drivers/mmc/host/cqhci-core.c:797 at cqhci_irq+0x254/0x818, CPU#1: kworker/1:0H/24\nModules linked in:\nCPU: 1 UID: 0 PID: 24 Comm: kworker/1:0H Not tainted 6.19.0-rc1-00001-g09db0998649d-dirty #204 PREEMPT\nHardware name: Rockchip RK3588 EVB1 V10 Board (DT)\nWorkqueue: kblockd blk_mq_run_work_fn\npstate: 604000c9 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : cqhci_irq+0x254/0x818\nlr : cqhci_irq+0x254/0x818\n..."}, {"lang": "es", "value": "En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\nmmc: sdhci-of-dwcmshc: Evitar la reducci\u00f3n ilegal del reloj en modo HS200/HS400\n\nAl operar en los modos de temporizaci\u00f3n HS200 o HS400, reducir la frecuencia del reloj por debajo de 52MHz provocar\u00e1 la interrupci\u00f3n del enlace, ya que el controlador Rockchip DWC MSHC requiere mantener un reloj m\u00ednimo de 52MHz en estos modos.\n\nA\u00f1adir una comprobaci\u00f3n para evitar la reducci\u00f3n ilegal del reloj a trav\u00e9s de debugfs:\n\nroot@debian:/# echo 50000000 > /sys/kernel/debug/mmc0/clock\nroot@debian:/# [ 30.090146] mmc0: ejecutando recuperaci\u00f3n de CQE\nmmc0: cqhci: Fallo al detener\nmmc0: cqhci: TCN espurio para la etiqueta 0\nADVERTENCIA: drivers/mmc/host/cqhci-core.c:797 en cqhci_irq+0x254/0x818, CPU#1: kworker/1:0H/24\nM\u00f3dulos enlazados:\nCPU: 1 UID: 0 PID: 24 Comm: kworker/1:0H No contaminado 6.19.0-rc1-00001-g09db0998649d-dirty #204 PREEMPT\nNombre del hardware: Placa Rockchip RK3588 EVB1 V10 (DT)\nCola de trabajo: kblockd blk_mq_run_work_fn\npstate: 604000c9 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : cqhci_irq+0x254/0x818\nlr : cqhci_irq+0x254/0x818\n..."}], "id": "CVE-2025-71200", "lastModified": "2026-03-18T13:42:10.163", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-02-14T15:16:05.980", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/3009738a855cf938bbfc9078bec725031ae623a4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/36be050f21dea7a3a76dff5a031da6274e8ee468"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/59b8a1ca6df4db2ca250e9eeab74e2b0068d69e9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/de0ad7156036a50982bcb75a080e4af284502be2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f2677d6e2bbc5ba2030825522d2afd0542b038a3"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: mmc: sdhci-of-dwcmshc: Prevent illegal clock reduction in HS200/HS400 mode", "id": "2439856", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439856"}, "csaw": false, "details": ["No description is available for this CVE."], "name": "CVE-2025-71200", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-02-14T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-71200\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-71200\nhttps://lore.kernel.org/linux-cve-announce/2026021403-CVE-2025-71200-b7c7@gregkh/T"]}

{"created": "2026-02-16T12:01:51.540118+00:00", "updated": "2026-02-16T12:01:51.540251+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}