CVE-2025-71308

Published: May 27, 2026

Modified: May 27, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix potential NULL pointer dereference in context cleanup aie_destroy_context() is invoked during error handling in aie2_create_context(). However, aie_destroy_context() assumes that the context's mailbox channel pointer is non-NULL. If mailbox channel creation fails, the pointer remains NULL and calling aie_destroy_context() can lead to a NULL pointer dereference. In aie2_create_context(), replace aie_destroy_context() with a function which request firmware to remove the context created previously.

Vendor	Product	Versions
Linux	Linux	affected `be462c97b7dfd24999babe39cce3de224ebe1f80 - < 2611c9616cb52d3ed54a6095d72d18e645a6955a` affected `be462c97b7dfd24999babe39cce3de224ebe1f80 - < 97f27573837ef96b4ba42af463cc800cab615c0e`
Linux	Linux	affected `6.14` unaffected `0 - < 6.14` unaffected `6.19.4 - <= 6.19.` unaffected `7.0 - <= `

References

https://git.kernel.org/stable/c/2611c9616cb52d3ed54a6095d72d18e645a6955a

https://git.kernel.org/stable/c/97f27573837ef96b4ba42af463cc800cab615c0e

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-71308

Description

Affected Products

References