CVE-2025-71188

medium

Description

In the Linux kernel, the following vulnerability has been resolved: dmaengine: lpc18xx-dmamux: fix device leak on route allocation Make sure to drop the reference taken when looking up the DMA mux platform device during route allocation. Note that holding a reference to a device does not prevent its driver data from going away so there is no point in keeping the reference.

References

https://git.kernel.org/stable/c/d4d63059dee7e7cae0c4d9a532ed558bc90efb55

https://git.kernel.org/stable/c/9fba97baa520c9446df51a64708daf27c5a7ed32

https://git.kernel.org/stable/c/992eb8055a6e5dbb808672d20d68e60d5a89b12b

https://git.kernel.org/stable/c/1e47d80f6720f0224efd19bcf081d39637569c10

Details

Source: Mitre, NVD

Published: 2026-01-31

Updated: 2026-01-31

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00018