{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-71111","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2026-01-13T15:30:19.653Z","datePublished":"2026-01-14T15:05:58.649Z","dateUpdated":"2026-05-11T21:55:03.314Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T21:55:03.314Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (w83791d) Convert macros to functions to avoid TOCTOU\n\nThe macro FAN_FROM_REG evaluates its arguments multiple times. When used\nin lockless contexts involving shared driver data, this leads to\nTime-of-Check to Time-of-Use (TOCTOU) race conditions, potentially\ncausing divide-by-zero errors.\n\nConvert the macro to a static function. This guarantees that arguments\nare evaluated only once (pass-by-value), preventing the race\nconditions.\n\nAdditionally, in store_fan_div, move the calculation of the minimum\nlimit inside the update lock. This ensures that the read-modify-write\nsequence operates on consistent data.\n\nAdhere to the principle of minimal changes by only converting macros\nthat evaluate arguments multiple times and are used in lockless\ncontexts."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/hwmon/w83791d.c"],"versions":[{"version":"9873964d6eb24bd0205394f9b791de9eddbcb855","lessThan":"3dceb68f6ad33156032ef4da21a93d84059cca6d","status":"affected","versionType":"git"},{"version":"9873964d6eb24bd0205394f9b791de9eddbcb855","lessThan":"bf5b03227f2e6d4360004886d268f9df8993ef8f","status":"affected","versionType":"git"},{"version":"9873964d6eb24bd0205394f9b791de9eddbcb855","lessThan":"f2b579a0c37c0df19603d719894a942a295f634a","status":"affected","versionType":"git"},{"version":"9873964d6eb24bd0205394f9b791de9eddbcb855","lessThan":"f94800fbc26ccf7c81eb791707b038a57aa39a18","status":"affected","versionType":"git"},{"version":"9873964d6eb24bd0205394f9b791de9eddbcb855","lessThan":"a9fb6e8835a22f5796c1182ed612daed3fd273af","status":"affected","versionType":"git"},{"version":"9873964d6eb24bd0205394f9b791de9eddbcb855","lessThan":"c8cf0c2bdcccc6634b6915ff793b844e12436680","status":"affected","versionType":"git"},{"version":"9873964d6eb24bd0205394f9b791de9eddbcb855","lessThan":"670d7ef945d3a84683594429aea6ab2cdfa5ceb4","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/hwmon/w83791d.c"],"versions":[{"version":"2.6.18","status":"affected"},{"version":"0","lessThan":"2.6.18","status":"unaffected","versionType":"semver"},{"version":"5.10.248","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.198","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.160","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.120","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.64","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.18.3","lessThanOrEqual":"6.18.*","status":"unaffected","versionType":"semver"},{"version":"6.19","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.18","versionEndExcluding":"5.10.248"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.18","versionEndExcluding":"5.15.198"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.18","versionEndExcluding":"6.1.160"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.18","versionEndExcluding":"6.6.120"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.18","versionEndExcluding":"6.12.64"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.18","versionEndExcluding":"6.18.3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.18","versionEndExcluding":"6.19"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/3dceb68f6ad33156032ef4da21a93d84059cca6d"},{"url":"https://git.kernel.org/stable/c/bf5b03227f2e6d4360004886d268f9df8993ef8f"},{"url":"https://git.kernel.org/stable/c/f2b579a0c37c0df19603d719894a942a295f634a"},{"url":"https://git.kernel.org/stable/c/f94800fbc26ccf7c81eb791707b038a57aa39a18"},{"url":"https://git.kernel.org/stable/c/a9fb6e8835a22f5796c1182ed612daed3fd273af"},{"url":"https://git.kernel.org/stable/c/c8cf0c2bdcccc6634b6915ff793b844e12436680"},{"url":"https://git.kernel.org/stable/c/670d7ef945d3a84683594429aea6ab2cdfa5ceb4"}],"title":"hwmon: (w83791d) Convert macros to functions to avoid TOCTOU","x_generator":{"engine":"bippy-1.2.0"}}}}