CVE Catalog

CVE-2025-71189

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.18%

8th percentile - higher than 8% of all known CVEs

Summary

In the Linux kernel, a vulnerability in the dw_dmamux DMA driver causes an OF node reference leak on late DMA route allocation failure. The reference taken to the DMA master OF node is not released when route allocation fails after the initial setup.

Risk Assessment

This reference leak can gradually deplete kernel memory, potentially leading to system instability or denial of service (DoS) over time.

Recommendation

Immediately update the Linux kernel to a version containing the fix (commit that releases the reference on allocation failure). Monitor your distribution for the patch and apply it as soon as possible.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw: dmamux: fix OF node leak on route allocation failure Make sure to drop the reference taken to the DMA master OF node also on late route allocation failures.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS