Use After Free in Linux

CVE-2025-71071

In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: fix use-after-free on probe deferral The driver is dropping the references taken to the larb devices during probe after successful lookup as well as on e…

Vulnerability class: Use-After-Free

EPSS: 0.001 (2.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

  • Linux — versions 26593928564cf5b576ff05d3cbd958f57c9534bb, 51080de72e26771f0ed9d44982974279ccbc92b8, 6.2
  • Linux Linux_kernel — versions 6.2, 6.19

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2025-71071?
CVE-2025-71071 is a high-severity vulnerability in Linux, classified under Use After Free. CVSS score: 7.8/10. Published 2026-01-13.
How severe is CVE-2025-71071?
High severity. CVSS v3 base score is 7.8 out of 10.