CVE Catalog

CVE-2025-71185

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.18%

8th percentile - higher than 8% of all known CVEs

Summary

In the Linux kernel, a device reference leak was found in the DMA crossbar driver for TI AM335x. The reference to the crossbar platform device was not dropped during route allocation, causing a memory leak.

Risk Assessment

The reference leak can lead to gradual performance degradation or memory exhaustion over time, especially in embedded systems with limited resources.

Recommendation

Update the Linux kernel to a version containing the fix (commit addressing the issue). Monitor the availability of the patch in your system distribution.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: dma-crossbar: fix device leak on am335x route allocation Make sure to drop the reference taken when looking up the crossbar platform device during am335x route allocation.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS