NULL Pointer Dereference in Linux Kernel PCI Endpoint Driver by Vendor Linux
CVE-2025-71233

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
18 February 2026

What is CVE-2025-71233?

In the Linux kernel, a vulnerability exists in the PCI endpoint driver due to the asynchronous creation of sub-groups that can cause a NULL pointer dereference. This issue can occur if the driver directory is removed before the delayed work completes. A crash can be easily replicated through a sequence of kernel commands that demonstrate the scenario, resulting in a bug report indicating a NULL pointer dereference error. The problem has been addressed by implementing the configfs_add_default_group() API, which eliminates the deadlock concerns associated with the previous method of group registration.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux e85a2d7837622bd99c96f5bbc7f972da90c285a2

Linux e85a2d7837622bd99c96f5bbc7f972da90c285a2 < 5f609b3bffd4207cf9f2c9b41e1978457a5a1ea9

Linux e85a2d7837622bd99c96f5bbc7f972da90c285a2 < 8cb905eca73944089a0db01443c7628a9e87012d

References

https://git.kernel.org/stable/c/fa9fb38f5fe9c80094c213835...
https://git.kernel.org/stable/c/5f609b3bffd4207cf9f2c9b41...
https://git.kernel.org/stable/c/8cb905eca73944089a0db0144...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.