Vulnerability-Lookup

CVE-2025-71221 (GCVE-0-2025-71221)

Vulnerability from cvelistv5 – Published: 2026-02-14 16:27 – Updated: 2026-02-16 08:58

Title

dmaengine: mmp_pdma: Fix race condition in mmp_pdma_residue()

Summary

In the Linux kernel, the following vulnerability has been resolved: dmaengine: mmp_pdma: Fix race condition in mmp_pdma_residue() Add proper locking in mmp_pdma_residue() to prevent use-after-free when accessing descriptor list and descriptor contents. The race occurs when multiple threads call tx_status() while the tasklet on another CPU is freeing completed descriptors: CPU 0 CPU 1 ----- ----- mmp_pdma_tx_status() mmp_pdma_residue() -> NO LOCK held list_for_each_entry(sw, ..) DMA interrupt dma_do_tasklet() -> spin_lock(&desc_lock) list_move(sw->node, ...) spin_unlock(&desc_lock) | dma_pool_free(sw) <- FREED! -> access sw->desc <- UAF! This issue can be reproduced when running dmatest on the same channel with multiple threads (threads_per_chan > 1). Fix by protecting the chain_running list iteration and descriptor access with the chan->desc_lock spinlock.

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

FKIE_CVE-2025-71221

Vulnerability from fkie_nvd - Published: 2026-02-14 17:15 - Updated: 2026-02-18 17:52

Severity ?

Summary

References

	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/9f665b3c3d9a168410251f27a5d019b7bf93185c
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/a143545855bc2c6e1330f6f57ae375ac44af00a7

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: mmp_pdma: Fix race condition in mmp_pdma_residue()\n\nAdd proper locking in mmp_pdma_residue() to prevent use-after-free when\naccessing descriptor list and descriptor contents.\n\nThe race occurs when multiple threads call tx_status() while the tasklet\non another CPU is freeing completed descriptors:\n\nCPU 0                              CPU 1\n-----                              -----\nmmp_pdma_tx_status()\nmmp_pdma_residue()\n  -\u003e NO LOCK held\n     list_for_each_entry(sw, ..)\n                                   DMA interrupt\n                                   dma_do_tasklet()\n                                     -\u003e spin_lock(\u0026desc_lock)\n                                        list_move(sw-\u003enode, ...)\n                                        spin_unlock(\u0026desc_lock)\n  |                                     dma_pool_free(sw) \u003c- FREED!\n  -\u003e access sw-\u003edesc \u003c- UAF!\n\nThis issue can be reproduced when running dmatest on the same channel with\nmultiple threads (threads_per_chan \u003e 1).\n\nFix by protecting the chain_running list iteration and descriptor access\nwith the chan-\u003edesc_lock spinlock."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\ndmaengine: mmp_pdma: Correcci\u00f3n de condici\u00f3n de carrera en mmp_pdma_residue()\n\nA\u00f1adir bloqueo adecuado en mmp_pdma_residue() para prevenir uso despu\u00e9s de liberaci\u00f3n al acceder a la lista de descriptores y al contenido del descriptor.\n\nLa condici\u00f3n de carrera ocurre cuando m\u00faltiples hilos llaman a tx_status() mientras el tasklet en otra CPU est\u00e1 liberando descriptores completados:\n\nCPU 0                              CPU 1\n-----                              -----\nmmp_pdma_tx_status()\nmmp_pdma_residue()\n  -\u0026gt; SIN BLOQUEO mantenido\n     list_for_each_entry(sw, ..)\n                                   Interrupci\u00f3n DMA\n                                   dma_do_tasklet()\n                                     -\u0026gt; spin_lock(\u0026amp;desc_lock)\n                                        list_move(sw-\u0026gt;node, ...)\n                                        spin_unlock(\u0026amp;desc_lock)\n  |                                     dma_pool_free(sw) \u0026lt;- \u00a1LIBERADO!\n  -\u0026gt; acceso a sw-\u0026gt;desc \u0026lt;- \u00a1UAF!\n\nEste problema puede ser reproducido al ejecutar dmatest en el mismo canal con m\u00faltiples hilos (hilos_por_canal \u0026gt; 1).\n\nSoluci\u00f3n protegiendo la iteraci\u00f3n de la lista chain_running y el acceso al descriptor con el spinlock chan-\u0026gt;desc_lock."
    }
  ],
  "id": "CVE-2025-71221",
  "lastModified": "2026-02-18T17:52:22.253",
  "metrics": {},
  "published": "2026-02-14T17:15:54.450",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/9f665b3c3d9a168410251f27a5d019b7bf93185c"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/a143545855bc2c6e1330f6f57ae375ac44af00a7"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}

WID-SEC-W-2026-0421

Vulnerability from csaf_certbund - Published: 2026-02-15 23:00 - Updated: 2026-02-15 23:00

Summary

Linux Kernel: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff

Ein Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um nicht näher spezifizierte Angriffe durchzuführen, die möglicherweise zu einer Denial-of-Service- Bedingung führen oder eine Speicherbeschädigung verursachen können.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um nicht n\u00e4her spezifizierte Angriffe durchzuf\u00fchren, die m\u00f6glicherweise zu einer Denial-of-Service- Bedingung f\u00fchren oder eine Speicherbesch\u00e4digung verursachen k\u00f6nnen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-0421 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0421.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-0421 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0421"
      },
      {
        "category": "external",
        "summary": "Kernel CVE Announce Mailingliste",
        "url": "https://lore.kernel.org/linux-cve-announce/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71200",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021403-CVE-2025-71200-b7c7@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71201",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021428-CVE-2025-71201-9d67@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71202",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021414-CVE-2025-71202-4c01@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71203",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021423-CVE-2025-71203-a81c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71204",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021425-CVE-2025-71204-88b2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71220",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021425-CVE-2025-71220-162f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71221",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021426-CVE-2025-71221-2987@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71222",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021426-CVE-2025-71222-1437@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71223",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021426-CVE-2025-71223-65b9@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71224",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021427-CVE-2025-71224-318e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23111",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021300-CVE-2026-23111-9762@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23112",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021302-CVE-2026-23112-6499@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23113",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021405-CVE-2026-23113-a027@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23114",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021405-CVE-2026-23114-21a3@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23115",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021406-CVE-2026-23115-64da@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23116",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021406-CVE-2026-23116-41e5@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23117",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021406-CVE-2026-23117-0b29@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23118",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021407-CVE-2026-23118-7579@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23119",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021407-CVE-2026-23119-0f44@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23120",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021407-CVE-2026-23120-5f82@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23121",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021408-CVE-2026-23121-73e6@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23123",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021408-CVE-2026-23123-9ee2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23124",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021409-CVE-2026-23124-2074@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23125",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021409-CVE-2026-23125-1ee3@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23126",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021409-CVE-2026-23126-b259@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23127",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021410-CVE-2026-23127-d01a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23128",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021410-CVE-2026-23128-fab1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23129",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021410-CVE-2026-23129-81ae@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23130",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021411-CVE-2026-23130-4390@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23131",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021411-CVE-2026-23131-6201@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23132",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021437-CVE-2026-23132-175d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23133",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021437-CVE-2026-23133-19ce@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23134",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021437-CVE-2026-23134-22cb@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23135",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021438-CVE-2026-23135-74c1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23136",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021428-CVE-2026-23136-f28c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23137",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021429-CVE-2026-23137-b77f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23138",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021429-CVE-2026-23138-9853@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23139",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021429-CVE-2026-23139-a7b4@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23140",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021430-CVE-2026-23140-fed3@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23141",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021415-CVE-2026-23141-c6bd@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23142",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021416-CVE-2026-23142-f91e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23143",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021416-CVE-2026-23143-9346@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23144",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021417-CVE-2026-23144-297b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23145",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021417-CVE-2026-23145-0c0b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23146",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021411-CVE-2026-23146-3658@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23147",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021413-CVE-2026-23147-1f6d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23148",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021413-CVE-2026-23148-bb5d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23149",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021413-CVE-2026-23149-8329@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23150",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021414-CVE-2026-23150-5706@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23151",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021414-CVE-2026-23151-74d4@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23152",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021414-CVE-2026-23152-c2ae@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23153",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021415-CVE-2026-23153-9e56@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23154",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021415-CVE-2026-23154-f658@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23155",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021415-CVE-2026-23155-32be@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23156",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021416-CVE-2026-23156-b2f4@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23157",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021416-CVE-2026-23157-6214@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23158",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021417-CVE-2026-23158-052d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23159",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021417-CVE-2026-23159-7d2c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23160",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021417-CVE-2026-23160-d1e6@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23161",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021418-CVE-2026-23161-d727@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23162",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021418-CVE-2026-23162-da25@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23163",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021418-CVE-2026-23163-abc8@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23164",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021419-CVE-2026-23164-9874@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23165",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021419-CVE-2026-23165-3437@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23166",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021419-CVE-2026-23166-c1fa@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23167",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021420-CVE-2026-23167-1892@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23168",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021420-CVE-2026-23168-0630@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23169",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021420-CVE-2026-23169-38ea@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23170",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021421-CVE-2026-23170-7a51@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23171",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021421-CVE-2026-23171-5a73@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23172",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021421-CVE-2026-23172-acf0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23173",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021422-CVE-2026-23173-4a20@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23174",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021427-CVE-2026-23174-0b41@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23175",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021427-CVE-2026-23175-8c89@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23176",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021428-CVE-2026-23176-4baf@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23177",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021428-CVE-2026-23177-a343@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23178",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021428-CVE-2026-23178-ffd4@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23179",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021429-CVE-2026-23179-6ff7@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23180",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021429-CVE-2026-23180-19a8@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23181",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021429-CVE-2026-23181-7c82@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23182",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021430-CVE-2026-23182-651e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23183",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021430-CVE-2026-23183-b758@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23184",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021430-CVE-2026-23184-a1f1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23185",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021431-CVE-2026-23185-7d56@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23186",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021431-CVE-2026-23186-c917@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23187",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021431-CVE-2026-23187-018e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23188",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021432-CVE-2026-23188-c03c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23189",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021432-CVE-2026-23189-3d9f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23190",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021433-CVE-2026-23190-0719@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23191",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021433-CVE-2026-23191-f990@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23192",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021433-CVE-2026-23192-72a9@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23193",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021434-CVE-2026-23193-2c6c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23194",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021434-CVE-2026-23194-5976@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23195",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021434-CVE-2026-23195-6042@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23196",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021435-CVE-2026-23196-2812@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23197",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021435-CVE-2026-23197-59da@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23198",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021435-CVE-2026-23198-8a25@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23199",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021436-CVE-2026-23199-0dc0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23200",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021436-CVE-2026-23200-e35e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23201",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021436-CVE-2026-23201-4530@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23202",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021437-CVE-2026-23202-0480@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23203",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021437-CVE-2026-23203-de1a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23204",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021437-CVE-2026-23204-be85@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23205",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021438-CVE-2026-23205-a62a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23206",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021438-CVE-2026-23206-ed03@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23207",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021438-CVE-2026-23207-a80c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23208",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021439-CVE-2026-23208-cc9e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23209",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021439-CVE-2026-23209-9ad6@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23210",
        "url": "https://lore.kernel.org/linux-cve-announce/2026021439-CVE-2026-23210-7cac@gregkh/"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-02-15T23:00:00.000+00:00",
      "generator": {
        "date": "2026-02-16T11:30:28.482+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2026-0421",
      "initial_release_date": "2026-02-15T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-02-15T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "T050933",
              "product_identification_helper": {
                "cpe": "cpe:/o:linux:linux_kernel:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-23156",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23156"
    },
    {
      "cve": "CVE-2026-23157",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23157"
    },
    {
      "cve": "CVE-2026-23158",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23158"
    },
    {
      "cve": "CVE-2026-23159",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23159"
    },
    {
      "cve": "CVE-2026-23160",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23160"
    },
    {
      "cve": "CVE-2026-23161",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23161"
    },
    {
      "cve": "CVE-2026-23162",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23162"
    },
    {
      "cve": "CVE-2026-23163",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23163"
    },
    {
      "cve": "CVE-2026-23164",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23164"
    },
    {
      "cve": "CVE-2026-23165",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23165"
    },
    {
      "cve": "CVE-2026-23166",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23166"
    },
    {
      "cve": "CVE-2026-23167",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23167"
    },
    {
      "cve": "CVE-2026-23168",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23168"
    },
    {
      "cve": "CVE-2026-23169",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23169"
    },
    {
      "cve": "CVE-2026-23170",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23170"
    },
    {
      "cve": "CVE-2026-23171",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23171"
    },
    {
      "cve": "CVE-2026-23172",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23172"
    },
    {
      "cve": "CVE-2026-23173",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23173"
    },
    {
      "cve": "CVE-2026-23174",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23174"
    },
    {
      "cve": "CVE-2026-23175",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23175"
    },
    {
      "cve": "CVE-2026-23176",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23176"
    },
    {
      "cve": "CVE-2026-23177",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23177"
    },
    {
      "cve": "CVE-2026-23178",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23178"
    },
    {
      "cve": "CVE-2026-23179",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23179"
    },
    {
      "cve": "CVE-2026-23180",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23180"
    },
    {
      "cve": "CVE-2026-23181",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23181"
    },
    {
      "cve": "CVE-2026-23182",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23182"
    },
    {
      "cve": "CVE-2026-23183",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23183"
    },
    {
      "cve": "CVE-2026-23184",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23184"
    },
    {
      "cve": "CVE-2026-23185",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23185"
    },
    {
      "cve": "CVE-2026-23186",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23186"
    },
    {
      "cve": "CVE-2026-23187",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23187"
    },
    {
      "cve": "CVE-2026-23188",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23188"
    },
    {
      "cve": "CVE-2026-23189",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23189"
    },
    {
      "cve": "CVE-2026-23190",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23190"
    },
    {
      "cve": "CVE-2026-23191",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23191"
    },
    {
      "cve": "CVE-2026-23192",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23192"
    },
    {
      "cve": "CVE-2026-23193",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23193"
    },
    {
      "cve": "CVE-2026-23194",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23194"
    },
    {
      "cve": "CVE-2026-23195",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23195"
    },
    {
      "cve": "CVE-2026-23196",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23196"
    },
    {
      "cve": "CVE-2026-23197",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23197"
    },
    {
      "cve": "CVE-2026-23198",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23198"
    },
    {
      "cve": "CVE-2026-23199",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23199"
    },
    {
      "cve": "CVE-2026-23200",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23200"
    },
    {
      "cve": "CVE-2026-23201",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23201"
    },
    {
      "cve": "CVE-2026-23202",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23202"
    },
    {
      "cve": "CVE-2026-23203",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23203"
    },
    {
      "cve": "CVE-2026-23204",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23204"
    },
    {
      "cve": "CVE-2026-23205",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23205"
    },
    {
      "cve": "CVE-2026-23206",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23206"
    },
    {
      "cve": "CVE-2026-23207",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23207"
    },
    {
      "cve": "CVE-2026-23208",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23208"
    },
    {
      "cve": "CVE-2026-23209",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23209"
    },
    {
      "cve": "CVE-2026-23210",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23210"
    },
    {
      "cve": "CVE-2025-71200",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2025-71200"
    },
    {
      "cve": "CVE-2025-71201",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2025-71201"
    },
    {
      "cve": "CVE-2025-71202",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2025-71202"
    },
    {
      "cve": "CVE-2025-71203",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2025-71203"
    },
    {
      "cve": "CVE-2025-71204",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2025-71204"
    },
    {
      "cve": "CVE-2025-71220",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2025-71220"
    },
    {
      "cve": "CVE-2025-71221",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2025-71221"
    },
    {
      "cve": "CVE-2025-71222",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2025-71222"
    },
    {
      "cve": "CVE-2025-71223",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2025-71223"
    },
    {
      "cve": "CVE-2025-71224",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2025-71224"
    },
    {
      "cve": "CVE-2026-23111",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23111"
    },
    {
      "cve": "CVE-2026-23112",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23112"
    },
    {
      "cve": "CVE-2026-23113",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23113"
    },
    {
      "cve": "CVE-2026-23114",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23114"
    },
    {
      "cve": "CVE-2026-23115",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23115"
    },
    {
      "cve": "CVE-2026-23116",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23116"
    },
    {
      "cve": "CVE-2026-23117",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23117"
    },
    {
      "cve": "CVE-2026-23118",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23118"
    },
    {
      "cve": "CVE-2026-23119",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23119"
    },
    {
      "cve": "CVE-2026-23120",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23120"
    },
    {
      "cve": "CVE-2026-23121",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23121"
    },
    {
      "cve": "CVE-2026-23123",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23123"
    },
    {
      "cve": "CVE-2026-23124",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23124"
    },
    {
      "cve": "CVE-2026-23125",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23125"
    },
    {
      "cve": "CVE-2026-23126",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23126"
    },
    {
      "cve": "CVE-2026-23127",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23127"
    },
    {
      "cve": "CVE-2026-23128",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23128"
    },
    {
      "cve": "CVE-2026-23129",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23129"
    },
    {
      "cve": "CVE-2026-23130",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23130"
    },
    {
      "cve": "CVE-2026-23131",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23131"
    },
    {
      "cve": "CVE-2026-23132",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23132"
    },
    {
      "cve": "CVE-2026-23133",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23133"
    },
    {
      "cve": "CVE-2026-23134",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23134"
    },
    {
      "cve": "CVE-2026-23135",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23135"
    },
    {
      "cve": "CVE-2026-23136",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23136"
    },
    {
      "cve": "CVE-2026-23137",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23137"
    },
    {
      "cve": "CVE-2026-23138",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23138"
    },
    {
      "cve": "CVE-2026-23139",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23139"
    },
    {
      "cve": "CVE-2026-23140",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23140"
    },
    {
      "cve": "CVE-2026-23141",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23141"
    },
    {
      "cve": "CVE-2026-23142",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23142"
    },
    {
      "cve": "CVE-2026-23143",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23143"
    },
    {
      "cve": "CVE-2026-23144",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23144"
    },
    {
      "cve": "CVE-2026-23145",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23145"
    },
    {
      "cve": "CVE-2026-23146",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23146"
    },
    {
      "cve": "CVE-2026-23147",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23147"
    },
    {
      "cve": "CVE-2026-23148",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23148"
    },
    {
      "cve": "CVE-2026-23149",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23149"
    },
    {
      "cve": "CVE-2026-23150",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23150"
    },
    {
      "cve": "CVE-2026-23151",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23151"
    },
    {
      "cve": "CVE-2026-23152",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23152"
    },
    {
      "cve": "CVE-2026-23153",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23153"
    },
    {
      "cve": "CVE-2026-23154",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23154"
    },
    {
      "cve": "CVE-2026-23155",
      "product_status": {
        "known_affected": [
          "T050933"
        ]
      },
      "release_date": "2026-02-15T23:00:00.000+00:00",
      "title": "CVE-2026-23155"
    }
  ]
}

GHSA-959M-9W2W-7JXC

Vulnerability from github – Published: 2026-02-14 18:30 – Updated: 2026-02-14 18:30

Details

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: mmp_pdma: Fix race condition in mmp_pdma_residue()

Add proper locking in mmp_pdma_residue() to prevent use-after-free when accessing descriptor list and descriptor contents.

The race occurs when multiple threads call tx_status() while the tasklet on another CPU is freeing completed descriptors:

CPU 0 CPU 1 ----- ----- mmp_pdma_tx_status() mmp_pdma_residue() -> NO LOCK held list_for_each_entry(sw, ..) DMA interrupt dma_do_tasklet() -> spin_lock(&desc_lock) list_move(sw->node, ...) spin_unlock(&desc_lock) | dma_pool_free(sw) <- FREED! -> access sw->desc <- UAF!

This issue can be reproduced when running dmatest on the same channel with multiple threads (threads_per_chan > 1).

Fix by protecting the chain_running list iteration and descriptor access with the chan->desc_lock spinlock.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-71221"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-02-14T17:15:54Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: mmp_pdma: Fix race condition in mmp_pdma_residue()\n\nAdd proper locking in mmp_pdma_residue() to prevent use-after-free when\naccessing descriptor list and descriptor contents.\n\nThe race occurs when multiple threads call tx_status() while the tasklet\non another CPU is freeing completed descriptors:\n\nCPU 0                              CPU 1\n-----                              -----\nmmp_pdma_tx_status()\nmmp_pdma_residue()\n  -\u003e NO LOCK held\n     list_for_each_entry(sw, ..)\n                                   DMA interrupt\n                                   dma_do_tasklet()\n                                     -\u003e spin_lock(\u0026desc_lock)\n                                        list_move(sw-\u003enode, ...)\n                                        spin_unlock(\u0026desc_lock)\n  |                                     dma_pool_free(sw) \u003c- FREED!\n  -\u003e access sw-\u003edesc \u003c- UAF!\n\nThis issue can be reproduced when running dmatest on the same channel with\nmultiple threads (threads_per_chan \u003e 1).\n\nFix by protecting the chain_running list iteration and descriptor access\nwith the chan-\u003edesc_lock spinlock.",
  "id": "GHSA-959m-9w2w-7jxc",
  "modified": "2026-02-14T18:30:15Z",
  "published": "2026-02-14T18:30:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-71221"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9f665b3c3d9a168410251f27a5d019b7bf93185c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a143545855bc2c6e1330f6f57ae375ac44af00a7"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-71221 (GCVE-0-2025-71221)

FKIE_CVE-2025-71221

WID-SEC-W-2026-0421

GHSA-959M-9W2W-7JXC

Tags

Sightings

Nomenclature