CVE-2025-71139Linux vulnerability

7 documents6 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 94.97%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedJan 14

Description

In the Linux kernel, the following vulnerability has been resolved: kernel/kexec: fix IMA when allocation happens in CMA area *** Bug description *** When I tested kexec with the latest kernel, I ran into the following warning: [ 40.712410] ------------[ cut here ]------------ [ 40.712576] WARNING: CPU: 2 PID: 1562 at kernel/kexec_core.c:1001 kimage_map_segment+0x144/0x198 [...] [ 40.816047] Call trace: [ 40.818498] kimage_map_segment+0x144/0x198 (P) [ 40.823221] ima_kexec_post_load+0x58/0xc

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages5 packages

Linuxlinux/linux_kernel6.17.06.18.4
NVDlinux/linux_kernel6.17.16.18.4+2
Debianlinux/linux_kernel< 6.18.5-1
CVEListV5linux/linux07d24902977e4704fab8472981e73a0ad6dfa1fda843e4155c83211c55b1b6cc17eab27a6a2c5b6f+2
debiandebian/linux< linux 6.18.5-1 (forky)

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
GHSA
GHSA-jp7x-4qxm-3gv8: In the Linux kernel, the following vulnerability has been resolved: kernel/kexec: fix IMA when allocation happens in CMA area *** Bug description **2026-01-14
OSV
CVE-2025-71139: In the Linux kernel, the following vulnerability has been resolved: kernel/kexec: fix IMA when allocation happens in CMA area *** Bug description ***2026-01-14
OSV
kernel/kexec: fix IMA when allocation happens in CMA area2026-01-14

📋Vendor Advisories

2
Red Hat
kernel: kernel/kexec: fix IMA when allocation happens in CMA area2026-01-14
Debian
CVE-2025-71139: linux - In the Linux kernel, the following vulnerability has been resolved: kernel/kexe...2025

🕵️Threat Intelligence

1
Wiz
CVE-2025-71139 Impact, Exploitability, and Mitigation Steps | Wiz