CVE-2025-71185

MEDIUM

Linux Kernel - Use-After-Free in DMA Crossbar Device Allocation

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: dma-crossbar: fix device leak on am335x route allocation Make sure to drop the reference taken when looking up the crossbar platform device during am335x route allocation.

References (8)

Core 8

Core References

Patch

https://git.kernel.org/stable/c/30352277d8e09c972436f883a5efd1f1b763ac14

Patch

https://git.kernel.org/stable/c/4fc17b1c6d2e04ad13fd6c21cfbac68043ec03f9

Vendor Advisory

https://cert-portal.siemens.com/productcert/html/ssa-253495.html

Patch

https://git.kernel.org/stable/c/1befa553f1ecc045dc9ff56107ff50162f63f3c0

Patch

https://git.kernel.org/stable/c/c933aa74d9f8d35e6cda322c38c4a907d37a9a2b

Patch

https://git.kernel.org/stable/c/43725bd47d984937c429919ae291896d982d1f17

Patch

https://git.kernel.org/stable/c/6fdf168f57e331e148a1177a9b590a845c21b315

Patch

https://git.kernel.org/stable/c/f810132e825588fbad3cba940458c58bb7ec4d84

Scores

CVSS v3 5.5

EPSS 0.0018

EPSS Percentile 8.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-401

Status published

Products (25)

linux/Kernel 4.4.0 - 5.10.249linux

linux/Kernel 5.11.0 - 5.15.199linux

linux/Kernel 5.16.0 - 6.1.162linux

linux/Kernel 6.13.0 - 6.18.7linux

linux/Kernel 6.2.0 - 6.6.122linux

linux/Kernel 6.7.0 - 6.12.67linux

Linux/Linux < 4.4

Linux/Linux 4.4

Linux/Linux 42dbdcc6bf965997c088caff2a8be7f9bf44f701 - 1befa553f1ecc045dc9ff56107ff50162f63f3c0

Linux/Linux 42dbdcc6bf965997c088caff2a8be7f9bf44f701 - 30352277d8e09c972436f883a5efd1f1b763ac14

... and 15 more

Published Jan 31, 2026

Tracked Since Feb 18, 2026