CVE-2025-71122

HIGH

Linux Kernel 6.2.0-6.5.99 - Denial of Service via IOMMUFD Test Overflow

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: iommufd/selftest: Check for overflow in IOMMU_TEST_OP_ADD_RESERVED syzkaller found it could overflow math in the test infrastructure and cause a WARN_ON by corrupting the reserved interval tree. This only effects test kernels with CONFIG_IOMMUFD_TEST. Validate the user input length in the test ioctl.

References (4)

Core 4

Core References

Patch

https://git.kernel.org/stable/c/4cc829d61f10c20523fd4085c1546e741a792a97

Patch

https://git.kernel.org/stable/c/e6c122cffcbb2e84d321ec8ba0e38ce8e7c10925

Patch

https://git.kernel.org/stable/c/b166b8e0a381429fefd9180e67fbc834b3cee82f

Patch

https://git.kernel.org/stable/c/e6a973af11135439de32ece3b9cbe3bfc043bea8

Scores

CVSS v3 7.8

EPSS 0.0002

EPSS Percentile 6.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published

Products (16)

linux/Kernel 6.13.0 - 6.18.3linux

linux/Kernel 6.2.0 - 6.6.120linux

linux/Kernel 6.7.0 - 6.12.64linux

Linux/Linux < 6.2

Linux/Linux 6.12.64 - 6.12.*

Linux/Linux 6.18.3 - 6.18.*

Linux/Linux 6.19

Linux/Linux 6.2

Linux/Linux 6.6.120 - 6.6.*

Linux/Linux f4b20bb34c83dceade5470288f48f94ce3598ada - 4cc829d61f10c20523fd4085c1546e741a792a97

... and 6 more

Published Jan 14, 2026

Tracked Since Feb 18, 2026