CVE-2025-71233

MEDIUM EPSS 2.0%
Published Feb 18, 20264mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Feb 18, 2026 4mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Avoid creating sub-groups asynchronously The asynchronous creation of sub-groups by a delayed work could lead to a NULL pointer dereference when the driver directory is removed before the work completes. The crash can be easily reproduced with the following commands: # cd /sys/kernel/config/pci_ep/functions/pci_epf_test # for i in {1..20}; do mkdir test && rmdir test; done BUG: kernel NULL pointer dereference, address: 0000000000000088 ... Call Trace: configfs_register_group+0x3d/0x190 pci_epf_cfs_work+0x41/0x110 process_one_work+0x18f/0x350 worker_thread+0x25a/0x3a0 Fix this issue by using configfs_add_default_group() API which does not have the deadlock problem as configfs_register_group() and does not require the delayed work handler. [mani: slightly reworded the description and added stable list]

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.0% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 6

VendorProductVersionRange
linuxlinux_kernel*≥5.12  –  <5.15.201
linuxlinux_kernel*≥5.16  –  <6.1.164
linuxlinux_kernel*≥6.2  –  <6.6.127
linuxlinux_kernel*≥6.7  –  <6.12.72
linuxlinux_kernel*≥6.13  –  <6.18.11
linuxlinux_kernel*≥6.19  –  <6.19.1

References 7

  • git.kernel.org https://git.kernel.org/stable/c/24a253c3aa6d9a2cde46158ce9782e023bfbf32d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5f609b3bffd4207cf9f2c9b41e1978457a5a1ea9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/73cee890adafa2c219bb865356e08e7f82423fe5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7c5c7d06bd1f86d2c3ebe62be903a4ba42db4d2c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8cb905eca73944089a0db01443c7628a9e87012d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d9af3cf58bb4c8d6dea4166011c780756b1138b5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fa9fb38f5fe9c80094c2138354d45cdc8d094d69
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/24a253c3aa6d9a2cde46158ce9782e023bfbf32d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5f609b3bffd4207cf9f2c9b41e1978457a5a1ea9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/73cee890adafa2c219bb865356e08e7f82423fe5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7c5c7d06bd1f86d2c3ebe62be903a4ba42db4d2c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8cb905eca73944089a0db01443c7628a9e87012d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d9af3cf58bb4c8d6dea4166011c780756b1138b5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fa9fb38f5fe9c80094c2138354d45cdc8d094d69
    Patch