CVE-2025-71162 — Use After Free in Linux
Severity
7.8HIGHNVD
OSV5.5
EPSS
0.0%
top 99.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 25
Latest updateApr 17
Description
In the Linux kernel, the following vulnerability has been resolved:
dmaengine: tegra-adma: Fix use-after-free
A use-after-free bug exists in the Tegra ADMA driver when audio streams
are terminated, particularly during XRUN conditions. The issue occurs
when the DMA buffer is freed by tegra_adma_terminate_all() before the
vchan completion tasklet finishes accessing it.
The race condition follows this sequence:
1. DMA transfer completes, triggering an interrupt that schedules the
completion tas…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
Affected Packages10 packages
▶CVEListV5linux/linuxf46b195799b5cb05338e7c44cb3617eacb56d755 — 5f8d1d66a952d0396671e1f21ff8127a4d14fb4e+7
Patches
🔴Vulnerability Details
4GHSA▶
GHSA-g96x-q37f-x894: In the Linux kernel, the following vulnerability has been resolved:
dmaengine: tegra-adma: Fix use-after-free
A use-after-free bug exists in the Teg↗2026-01-25
OSV▶
CVE-2025-71162: In the Linux kernel, the following vulnerability has been resolved: dmaengine: tegra-adma: Fix use-after-free A use-after-free bug exists in the Tegra↗2026-01-25