CVE-2025-71071
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
13/01/2026
Last modified:
14/01/2026
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
iommu/mediatek: fix use-after-free on probe deferral<br />
<br />
The driver is dropping the references taken to the larb devices during<br />
probe after successful lookup as well as on errors. This can<br />
potentially lead to a use-after-free in case a larb device has not yet<br />
been bound to its driver so that the iommu driver probe defers.<br />
<br />
Fix this by keeping the references as expected while the iommu driver is<br />
bound.
Impact
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/1ef70a0b104ae8011811f60bcfaa55ff49385171
- https://git.kernel.org/stable/c/5c04217d06a1161aaf36267e9d971ab6f847d5a7
- https://git.kernel.org/stable/c/896ec55da3b90bdb9fc04fedc17ad8c359b2eee5
- https://git.kernel.org/stable/c/de83d4617f9fe059623e97acf7e1e10d209625b5
- https://git.kernel.org/stable/c/f6c08d3aa441bbc1956e9d65f1cbb89113a5aa8a