CVE-2025-71146Missing Release of Memory after Effective Lifetime in Linux

CWE-401Missing Release of Memory after Effective Lifetime9 documents7 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 95.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
LinuxLinux KernelDebian Linux+3 more
Timeline
PublishedJan 23
Latest updateApr 17

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conncount: fix leaked ct in error paths There are some situations where ct might be leaked as error paths are skipping the refcounted check and return immediately. In order to solve it make sure that the check is always called.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages7 packages

NVDlinux/linux_kernel6.17.136.18+3
Debianlinux/linux_kernel< 6.12.69-1+1
CVEListV5linux/linux6e86f0eca857ee42787e30e9ec0b726aebfcae0a08fa37f4c8c59c294e9c18fea2d083ee94074e5a+9
debiandebian/linux< linux 6.18.3-1 (forky)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
OSV
CVE-2025-71146: In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conncount: fix leaked ct in error paths There are some situations wh2026-01-23
GHSA
GHSA-7v36-pgg4-9j5v: In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conncount: fix leaked ct in error paths There are some situations2026-01-23

📋Vendor Advisories

5
Ubuntu
Linux kernel (GCP) vulnerabilities2026-04-17
Ubuntu
Linux kernel (Real-time) vulnerabilities2026-04-17
Ubuntu
Linux kernel vulnerabilities2026-04-16
Red Hat
kernel: netfilter: nf_conncount: fix leaked ct in error paths2026-01-23
Debian
CVE-2025-71146: linux - In the Linux kernel, the following vulnerability has been resolved: netfilter: ...2025

🕵️Threat Intelligence

1
Wiz
CVE-2025-71146 Impact, Exploitability, and Mitigation Steps | Wiz