CVE-2025-71307

Source
https://cve.org/CVERecord?id=CVE-2025-71307
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-71307.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-71307
Downstream
Published
2026-05-27T12:14:59.693Z
Modified
2026-07-08T07:32:18.173801551Z
Summary
drm/panthor: Fix NULL pointer dereference on panthor_fw_unplug
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/panthor: Fix NULL pointer dereference on panthorfwunplug

This patch removes the MCU halt and wait for halt procedures during panthorfwunplug() as the MCU can be in a variety of states or the FW may not even be loaded/initialized at all, the latter of which can lead to a NULL pointer dereference.

It should be safe on unplug to just disable the MCU without waiting for it to halt as it may not be able to.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71307.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
51407254986501b19681d55531963f1ea58e89cd
Fixed
aab8b8a42e206a399fe3a5ed4b4cbb45ff6c546c
Fixed
920c6af98e98e6afedf6318a75bac95af8415c6c

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-71307.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.4

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-71307.json"