CVE-2025-71308

Summary

In the Linux kernel, the following vulnerability has been resolved:

accel/amdxdna: Fix potential NULL pointer dereference in context cleanup

aie_destroy_context() is invoked during error handling in aie2_create_context(). However, aie_destroy_context() assumes that the context's mailbox channel pointer is non-NULL. If mailbox channel creation fails, the pointer remains NULL and calling aie_destroy_context() can lead to a NULL pointer dereference.

In aie2_create_context(), replace aie_destroy_context() with a function which request firmware to remove the context created previously.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxbe462c97b7dfd24999babe39cce3de224ebe1f80 < 2611c9616cb52d3ed54a6095d72d18e645a6955aaffected
LinuxLinuxbe462c97b7dfd24999babe39cce3de224ebe1f80 < 97f27573837ef96b4ba42af463cc800cab615c0eaffected
LinuxLinux6.14affected
LinuxLinux0 < 6.14unaffected
LinuxLinux6.19.4 <= 6.19.*unaffected
LinuxLinux7.0 <= *unaffected

Weaknesses

References