CVE-2025-71192 — Double Free in Linux

7 documents6 sources

Severity

—N/A

No vector

EPSS

0.0%

top 92.57%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux +1 more

Timeline

PublishedFeb 4

Description

In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: fix a double free in snd_ac97_controller_register() If ac97_add_adapter() fails, put_device() is the correct way to drop the device reference. kfree() is not required. Add kfree() if idr_alloc() fails and in ac97_adapter_release() to do the cleanup. Found by code review.

Affected Packages5 packages

▶Linuxlinux/linux_kernel4.15.0 — 6.1.161+3

▶Debianlinux/linux_kernel< 6.1.162-1+2

▶CVEListV5linux/linux74426fbff66eea8e8d1f42c8238c268d1e63a832 — c80f9b3349a99a9d5b295f5bbc23f544c5995ad7+5

▶debiandebian/linux< linux 6.1.162-1 (bookworm)

▶debiandebian/linux-6.1< linux 6.1.162-1 (bookworm)

🔴Vulnerability Details

OSV

CVE-2025-71192: In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: fix a double free in snd_ac97_controller_register() If ac97_add_adapte↗2026-02-04

▶

GHSA

GHSA-629p-5p7m-6c4r: In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: fix a double free in snd_ac97_controller_register() If ac97_add_adap↗2026-02-04

▶

OSV

ALSA: ac97: fix a double free in snd_ac97_controller_register()↗2026-02-04

▶

📋Vendor Advisories

Red Hat

kernel: ALSA: ac97: fix a double free in snd_ac97_controller_register()↗2026-02-04

▶

Debian

CVE-2025-71192: linux - In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97:...↗2025

▶

🕵️Threat Intelligence

Wiz

CVE-2025-71192 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶