CVE-2025-71071 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: fix use-after-free on probe deferral The driver is dropping the references taken to the larb devices during probe after successful lookup as well as on errors. This can potentially lead to a use-after-free in case a larb device has not yet been bound to its driver so that the iommu driver probe defers. Fix this by keeping the references as expected while the iommu driver is bound.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

References

Link	Providers
https://git.kernel.org/stable/c/1ef70a0b104ae8011811f60bcfaa55ff49385171
https://git.kernel.org/stable/c/5c04217d06a1161aaf36267e9d971ab6f847d5a7
https://git.kernel.org/stable/c/896ec55da3b90bdb9fc04fedc17ad8c359b2eee5
https://git.kernel.org/stable/c/de83d4617f9fe059623e97acf7e1e10d209625b5
https://git.kernel.org/stable/c/f6c08d3aa441bbc1956e9d65f1cbb89113a5aa8a
https://lore.kernel.org/linux-cve-announce/2026011325-CVE-2025-71071-67e9@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2025-71071
https://www.cve.org/CVERecord?id=CVE-2025-71071

History

Thu, 15 Jan 2026 12:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2026011325-CVE-2025-71071-67e9@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2025-71071 https://www.cve.org/CVERecord?id=CVE-2025-71071

Tue, 13 Jan 2026 15:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: fix use-after-free on probe deferral The driver is dropping the references taken to the larb devices during probe after successful lookup as well as on errors. This can potentially lead to a use-after-free in case a larb device has not yet been bound to its driver so that the iommu driver probe defers. Fix this by keeping the references as expected while the iommu driver is bound.
Title		iommu/mediatek: fix use-after-free on probe deferral
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/1ef70a0b104ae8011811f60bcfaa55ff49385171 https://git.kernel.org/stable/c/5c04217d06a1161aaf36267e9d971ab6f847d5a7 https://git.kernel.org/stable/c/896ec55da3b90bdb9fc04fedc17ad8c359b2eee5 https://git.kernel.org/stable/c/de83d4617f9fe059623e97acf7e1e10d209625b5 https://git.kernel.org/stable/c/f6c08d3aa441bbc1956e9d65f1cbb89113a5aa8a

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-01-13T15:31:25.400Z

Updated: 2026-01-13T15:31:25.400Z

Reserved: 2026-01-13T15:30:19.647Z

Link: CVE-2025-71071

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-01-13T16:16:06.520

Modified: 2026-01-14T16:26:00.933

Link: CVE-2025-71071

Redhat

Severity :

Publid Date: 2026-01-13T00:00:00Z

Links: CVE-2025-71071 - Bugzilla

Metrics

Affected Vendors & Products

Metrics

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object