CVE-2025-71076
MEDIUM EPSS 2.2%
Published Jan 13, 20265mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Published Jan 13, 2026 5mo ago
Last Modified Jun 17, 2026 1w ago
Description
In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Limit num_syncs to prevent oversized allocations The OA open parameters did not validate num_syncs, allowing userspace to pass arbitrarily large values, potentially leading to excessive allocations. Add check to ensure that num_syncs does not exceed DRM_XE_MAX_SYNCS, returning -EINVAL when the limit is violated. v2: use XE_IOCTL_DBG() and drop duplicated check. (Ashutosh) (cherry picked from commit e057b2d2b8d815df3858a87dffafa2af37e5945b)
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
2.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 11
| Vendor | Product | Version | Range |
|---|---|---|---|
| linux | linux_kernel | * | ≥6.12.17 – <6.12.64 |
| linux | linux_kernel | * | ≥6.13.1 – <6.18.3 |
| linux | linux_kernel | 6.13 | any |
| linux | linux_kernel | 6.19 | any |
| linux | linux_kernel | 6.19 | any |
| linux | linux_kernel | 6.19 | any |
| linux | linux_kernel | 6.19 | any |
| linux | linux_kernel | 6.19 | any |
| linux | linux_kernel | 6.19 | any |
| linux | linux_kernel | 6.19 | any |
| linux | linux_kernel | 6.19 | any |
References 3
- git.kernel.org https://git.kernel.org/stable/c/338849090ee610ff6d11e5e90857d2c27a4121ab
- git.kernel.org https://git.kernel.org/stable/c/b963636331fb4f3f598d80492e2fa834757198eb
- git.kernel.org https://git.kernel.org/stable/c/f8dd66bfb4e184c71bd26418a00546ebe7f5c17a
Remediation
- git.kernel.org https://git.kernel.org/stable/c/338849090ee610ff6d11e5e90857d2c27a4121ab
- git.kernel.org https://git.kernel.org/stable/c/b963636331fb4f3f598d80492e2fa834757198eb
- git.kernel.org https://git.kernel.org/stable/c/f8dd66bfb4e184c71bd26418a00546ebe7f5c17a