CVE-2025-71185

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: dma-crossbar: fix device leak on am335x route allocation Make sure to drop the reference taken when looking up the crossbar platform device during am335x route allocation.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/1befa553f1ecc045dc9ff56107ff50162f63f3c0	Patch
https://git.kernel.org/stable/c/30352277d8e09c972436f883a5efd1f1b763ac14	Patch
https://git.kernel.org/stable/c/43725bd47d984937c429919ae291896d982d1f17	Patch
https://git.kernel.org/stable/c/4fc17b1c6d2e04ad13fd6c21cfbac68043ec03f9	Patch
https://git.kernel.org/stable/c/6fdf168f57e331e148a1177a9b590a845c21b315	Patch
https://git.kernel.org/stable/c/c933aa74d9f8d35e6cda322c38c4a907d37a9a2b	Patch
https://git.kernel.org/stable/c/f810132e825588fbad3cba940458c58bb7ec4d84	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:4.4:-::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc6::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc7::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc8::::::

History

25 Mar 2026, 18:48

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
References	~~() https://git.kernel.org/stable/c/1befa553f1ecc045dc9ff56107ff50162f63f3c0 -~~	() https://git.kernel.org/stable/c/1befa553f1ecc045dc9ff56107ff50162f63f3c0 - Patch
References	~~() https://git.kernel.org/stable/c/30352277d8e09c972436f883a5efd1f1b763ac14 -~~	() https://git.kernel.org/stable/c/30352277d8e09c972436f883a5efd1f1b763ac14 - Patch
References	~~() https://git.kernel.org/stable/c/43725bd47d984937c429919ae291896d982d1f17 -~~	() https://git.kernel.org/stable/c/43725bd47d984937c429919ae291896d982d1f17 - Patch
References	~~() https://git.kernel.org/stable/c/4fc17b1c6d2e04ad13fd6c21cfbac68043ec03f9 -~~	() https://git.kernel.org/stable/c/4fc17b1c6d2e04ad13fd6c21cfbac68043ec03f9 - Patch
References	~~() https://git.kernel.org/stable/c/6fdf168f57e331e148a1177a9b590a845c21b315 -~~	() https://git.kernel.org/stable/c/6fdf168f57e331e148a1177a9b590a845c21b315 - Patch
References	~~() https://git.kernel.org/stable/c/c933aa74d9f8d35e6cda322c38c4a907d37a9a2b -~~	() https://git.kernel.org/stable/c/c933aa74d9f8d35e6cda322c38c4a907d37a9a2b - Patch
References	~~() https://git.kernel.org/stable/c/f810132e825588fbad3cba940458c58bb7ec4d84 -~~	() https://git.kernel.org/stable/c/f810132e825588fbad3cba940458c58bb7ec4d84 - Patch
Summary		(es) En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: dmaengine: ti: dma-crossbar: corregir fuga de dispositivo en la asignación de ruta am335x Asegúrese de liberar la referencia tomada al buscar el dispositivo de plataforma crossbar durante la asignación de ruta am335x.
CPE		cpe:2.3:o:linux:linux_kernel:6.19:rc1:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.19:rc8:::::: cpe:2.3:o:linux:linux_kernel:6.19:rc3:::::: cpe:2.3:o:linux:linux_kernel:4.4:-:::::: cpe:2.3:o:linux:linux_kernel:6.19:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.19:rc4:::::: cpe:2.3:o:linux:linux_kernel:6.19:rc6:::::: cpe:2.3:o:linux:linux_kernel:6.19:rc5:::::: cpe:2.3:o:linux:linux_kernel:6.19:rc7::::::
First Time		Linux Linux linux Kernel
CWE		CWE-401

06 Feb 2026, 17:16

Type	Values Removed	Values Added
References		() https://git.kernel.org/stable/c/1befa553f1ecc045dc9ff56107ff50162f63f3c0 - () https://git.kernel.org/stable/c/43725bd47d984937c429919ae291896d982d1f17 - () https://git.kernel.org/stable/c/c933aa74d9f8d35e6cda322c38c4a907d37a9a2b -

31 Jan 2026, 12:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-01-31 12:16

Updated : 2026-03-25 18:48

NVD link : CVE-2025-71185

Mitre link : CVE-2025-71185

CVE.ORG link : CVE-2025-71185

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-401

Missing Release of Memory after Effective Lifetime

5.5 /10