CVE-2025-71181Improper Locking in Linux

CWE-667Improper Locking7 documents6 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 97.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedJan 31

Description

In the Linux kernel, the following vulnerability has been resolved: rust_binder: remove spin_lock() in rust_shrink_free_page() When forward-porting Rust Binder to 6.18, I neglected to take commit fb56fdf8b9a2 ("mm/list_lru: split the lock to per-cgroup scope") into account, and apparently I did not end up running the shrinker callback when I sanity tested the driver before submission. This leads to crashes like the following: WARNING: possible recursive locking detected 6.18.0-mainline-maybe-

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages5 packages

Linuxlinux/linux_kernel6.18.06.18.6
NVDlinux/linux_kernel6.18.16.18.6+2
Debianlinux/linux_kernel< 6.18.8-1
CVEListV5linux/linuxeafedbc7c050c44744fbdf80bdf3315e860b751330a98c97f7874031f2e1de19c777ce011143cba4+2
debiandebian/linux< linux 6.18.8-1 (forky)

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
OSV
CVE-2025-71181: In the Linux kernel, the following vulnerability has been resolved: rust_binder: remove spin_lock() in rust_shrink_free_page() When forward-porting Ru2026-01-31
OSV
rust_binder: remove spin_lock() in rust_shrink_free_page()2026-01-31
GHSA
GHSA-3qhg-rc86-rh99: In the Linux kernel, the following vulnerability has been resolved: rust_binder: remove spin_lock() in rust_shrink_free_page() When forward-porting2026-01-31

📋Vendor Advisories

2
Red Hat
kernel: rust_binder: remove spin_lock() in rust_shrink_free_page()2026-01-31
Debian
CVE-2025-71181: linux - In the Linux kernel, the following vulnerability has been resolved: rust_binder...2025

🕵️Threat Intelligence

1
Wiz
CVE-2025-71181 Impact, Exploitability, and Mitigation Steps | Wiz