CVE-2025-71186

EUVD-2025-206589
In the Linux kernel, the following vulnerability has been resolved:

dmaengine: stm32: dmamux: fix device leak on route allocation

Make sure to drop the reference taken when looking up the DMA mux
platform device during route allocation.

Note that holding a reference to a device does not prevent its driver
data from going away so there is no point in keeping the reference.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 9%
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
vulnerable
bookworm (security)
6.1.162-1
fixed
bullseye
vulnerable
bullseye (security)
5.10.249-1
fixed
forky
6.18.9-1
fixed
sid
6.18.12-1
fixed
trixie
vulnerable
trixie (security)
6.12.73-1
fixed
linux-6.1
bullseye (security)
6.1.162-1~deb11u1
fixed
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/1a179ac01ff3993ab97e33cc77c316ed7415cda1
https://git.kernel.org/stable/c/1dda2a32303df0091896b01a9d09070d61fa344c
https://git.kernel.org/stable/c/2fb10259d4efb4367787b5ae9c94192e8a91c648
https://git.kernel.org/stable/c/3b42020e6790a5e19b36c187ed5b488a5716f97f
https://git.kernel.org/stable/c/3ef52d31cce8ba816739085a61efe07b63c6cf27
https://git.kernel.org/stable/c/6393da54dcb3488c080a183c4182ddec71ba8d7f
https://git.kernel.org/stable/c/dd6e4943889fb354efa3f700e42739da9bddb6ef