CVE-2025-71158

MEDIUM

Linux kernel - Unknown Vuln

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: gpio: mpsse: ensure worker is torn down When an IRQ worker is running, unplugging the device would cause a crash. The sealevel hardware this driver was written for was not hotpluggable, so I never realized it. This change uses a spinlock to protect a list of workers, which it tears down on disconnect.

References (2)

[Patch] https://git.kernel.org/stable/c/179ef1127d7a4f09f0e741fa9f30b8a8e7886271

[Patch] https://git.kernel.org/stable/c/472d900c8bcac301ae0e40fdca7db799bd989ff5

Scores

CVSS v3 5.5

EPSS 0.0001

EPSS Percentile 0.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

Status published

Affected Products (2)

linux/Kernel < 6.18.6linux

linux/linux_kernel < 6.18.6

Timeline

Published Jan 23, 2026

Tracked Since Feb 18, 2026