Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-71071— iommu/mediatek: fix use-after-free on probe deferral

EPSS 0.02% · P5
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-71071

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
iommu/mediatek: fix use-after-free on probe deferral
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: fix use-after-free on probe deferral The driver is dropping the references taken to the larb devices during probe after successful lookup as well as on errors. This can potentially lead to a use-after-free in case a larb device has not yet been bound to its driver so that the iommu driver probe defers. Fix this by keeping the references as expected while the iommu driver is bound.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款产品安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于探测延迟时过早释放larb设备引用,可能导致释放后重用。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux 8412e5dd24ffc8bc21a00bfaa0b80d4596cdc9da ~ 896ec55da3b90bdb9fc04fedc17ad8c359b2eee5 -
LinuxLinux 6.2 -

II. Public POCs for CVE-2025-71071

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2025-71071

Please Login to view more intelligence information

Same Patch Batch · Linux · 2026-01-13 · 93 CVEs total

CVE-2025-710897.8 HIGHiommu: disable SVA when CONFIG_X86 is set
CVE-2025-71067ntfs: set dummy blocksize to read boot_block when mounting
CVE-2025-71066net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change
CVE-2025-71064net: hns3: using the num_tqps in the vf driver to apply for resources
CVE-2025-68820ext4: xattr: fix null pointer deref in ext4_raw_inode()
CVE-2025-68819media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg()
CVE-2025-68818scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path"
CVE-2025-68817ksmbd: fix use-after-free in ksmbd_tree_connect_put under concurrency
CVE-2025-68816net/mlx5: fw_tracer, Validate format string parameters
CVE-2025-68821fuse: fix readahead reclaim deadlock
CVE-2025-71068svcrdma: bound check rq_pages index in inline path
CVE-2025-71069f2fs: invalidate dentry cache on failed whiteout creation
CVE-2025-71070ublk: clean up user copy references on ublk server exit
CVE-2025-71072shmem: fix recovery on rename failures
CVE-2025-71073Input: lkkbd - disable pending work before freeing device
CVE-2025-71074functionfs: fix the open/removal races
CVE-2025-71075scsi: aic94xx: fix use-after-free in device removal path
CVE-2025-71077tpm: Cap the number of PCR banks
CVE-2025-71076drm/xe/oa: Limit num_syncs to prevent oversized allocations
CVE-2025-71078powerpc/64s/slb: Fix SLB multihit issue during SLB preload

Showing top 20 of 93 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Linux
Same vendor: Linux

V. Comments for CVE-2025-71071

No comments yet

Leave a comment