CVE-2025-71070 — Improper Update of Reference Count in Linux
Severity
6.4MEDIUM
No vectorEPSS
0.0%
top 92.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 13
Latest updateApr 17
Description
In the Linux kernel, the following vulnerability has been resolved:
ublk: clean up user copy references on ublk server exit
If a ublk server process releases a ublk char device file, any requests
dispatched to the ublk server but not yet completed will retain a ref
value of UBLK_REFCOUNT_INIT. Before commit e63d2228ef83 ("ublk: simplify
aborting ublk request"), __ublk_fail_req() would decrement the reference
count before completing the failed request. However, that commit
optimized __ublk_fail…
Affected Packages7 packages
▶CVEListV5linux/linuxe63d2228ef831af36f963b3ab8604160cfff84c1 — 13456b4f1033d911f8bf3a0a1195656f293ba0f6+3
🔴Vulnerability Details
3GHSA▶
GHSA-p797-qv57-j9x8: In the Linux kernel, the following vulnerability has been resolved:
ublk: clean up user copy references on ublk server exit
If a ublk server process↗2026-01-13
OSV▶
CVE-2025-71070: In the Linux kernel, the following vulnerability has been resolved: ublk: clean up user copy references on ublk server exit If a ublk server process r↗2026-01-13
📋Vendor Advisories
5Debian▶
CVE-2025-71070: linux - In the Linux kernel, the following vulnerability has been resolved: ublk: clean...↗2025