CVE-2025-71301

Source
https://cve.org/CVERecord?id=CVE-2025-71301
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-71301.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-71301
Downstream
Published
2026-05-08T13:15:22.100Z
Modified
2026-07-15T01:49:02.264172440Z
Summary
drm/tests: shmem: Hold reservation lock around vmap/vunmap
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/tests: shmem: Hold reservation lock around vmap/vunmap

Acquire and release the GEM object's reservation lock around vmap and vunmap operations. The tests use vmap_locked, which led to errors such as show below.

[ 122.292030] WARNING: CPU: 3 PID: 1413 at drivers/gpu/drm/drmgemshmemhelper.c:390 drmgemshmemvmap_locked+0x3a3/0x6f0

[ 122.468066] WARNING: CPU: 3 PID: 1413 at drivers/gpu/drm/drmgemshmemhelper.c:293 drmgemshmempin_locked+0x1fe/0x350

[ 122.563504] WARNING: CPU: 3 PID: 1413 at drivers/gpu/drm/drmgemshmemhelper.c:234 drmgemshmemgetpageslocked+0x23c/0x370

[ 122.662248] WARNING: CPU: 2 PID: 1413 at drivers/gpu/drm/drmgemshmemhelper.c:452 drmgemshmemvunmap_locked+0x101/0x330

Only export the new vmap/vunmap helpers for Kunit tests. These are not interfaces for regular drivers.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71301.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
954907f7147dc43e0d1cd4d430c21d143d5fdf55
Fixed
6b953d92f2f29e74b125617c6f00300fa1bed97e
Fixed
e7b7022f11d3cf281c726117478696b83681bf11
Fixed
cda83b099f117f2a28a77bf467af934cb39e49cf

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-71301.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.16.0
Fixed
6.18.16
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.6

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-71301.json"