CVE-2025-71071

EUVD-2026-2267
In the Linux kernel, the following vulnerability has been resolved:

iommu/mediatek: fix use-after-free on probe deferral

The driver is dropping the references taken to the larb devices during
probe after successful lookup as well as on errors. This can
potentially lead to a use-after-free in case a larb device has not yet
been bound to its driver so that the iommu driver probe defers.

Fix this by keeping the references as expected while the iommu driver is
bound.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
6.0.16 ≤
𝑥
< 6.1
linuxlinux_kernel
6.1.2 ≤
𝑥
< 6.1.160
linuxlinux_kernel
6.2.1 ≤
𝑥
< 6.6.120
linuxlinux_kernel
6.7 ≤
𝑥
< 6.12.64
linuxlinux_kernel
6.13 ≤
𝑥
< 6.18.3
linuxlinux_kernel
6.2
linuxlinux_kernel
6.19:rc1
linuxlinux_kernel
6.19:rc2
linuxlinux_kernel
6.19:rc3
linuxlinux_kernel
6.19:rc4
linuxlinux_kernel
6.19:rc5
linuxlinux_kernel
6.19:rc6
linuxlinux_kernel
6.19:rc7
linuxlinux_kernel
6.19:rc8
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
vulnerable
bookworm (security)
6.1.164-1
fixed
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.251-1
fixed
forky
6.19.11-1
fixed
sid
6.19.11-1
fixed
trixie
6.12.73-1
fixed
trixie (security)
6.12.74-2
fixed
linux-6.1
bullseye (security)
6.1.164-1~deb11u1
fixed
Common Weakness Enumeration
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/1ef70a0b104ae8011811f60bcfaa55ff49385171
https://git.kernel.org/stable/c/5c04217d06a1161aaf36267e9d971ab6f847d5a7
https://git.kernel.org/stable/c/896ec55da3b90bdb9fc04fedc17ad8c359b2eee5
https://git.kernel.org/stable/c/de83d4617f9fe059623e97acf7e1e10d209625b5
https://git.kernel.org/stable/c/f6c08d3aa441bbc1956e9d65f1cbb89113a5aa8a