VDB
CVE-2025-71076
CVE-2025-71076
PUBLISHED
In the Linux kernel, the following vulnerability has been resolved: scsi: aic94xx: fix use-after-free in device removal path The asd_pci_remove() function fails to synchronize with pending tasklets before freeing the asd_ha structure, leading to a potential use-after-free vulnerability. When a device removal is triggered (via hot-unplug or module unload), race condition can occur. The fix adds tasklet_kill() before freeing the asd_ha structure, ensuring all scheduled tasklets complete before cleanup proceeds.
EPSS 0.02% · 6.6th percentile
Risk Scores
EPSS Score
0.02%
6.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | 6.18.3, 0, 5.15.198 |
| linux | linux_kernel | 2.6.19, 2.6.19, 2.6.19 |
Exploit Intelligence
- https://git.kernel.org/stable/c/c8f6f88cd1df35155258285c4f43268b361819df (circl)
- https://git.kernel.org/stable/c/278455a82245a572aeb218a6212a416a98e418de (circl)
- https://git.kernel.org/stable/c/b3e655e52b98a1d3df41c8e42035711e083099f8 (circl)
- https://git.kernel.org/stable/c/e354793a7ab9bb0934ea699a9d57bcd1b48fc27b (circl)
- https://git.kernel.org/stable/c/a41dc180b6e1229ae49ca290ae14d82101c148c3 (circl)
- https://git.kernel.org/stable/c/751c19635c2bfaaf2836a533caa3663633066dcf (circl)
- https://git.kernel.org/stable/c/f6ab594672d4cba08540919a4e6be2e202b60007 (circl)
- CIRCL seen: CVE-2025-71075 (circl-sighting)
- CIRCL seen: CVE-2025-71075 (circl-sighting)
- CVE-2025-38126.yara (github-yara)
…and 39 more exploits
Timeline
- Oct 17, 2025 PoC Published
- Oct 21, 2025 PoC Published
- Dec 18, 2025 PoC Published
- Dec 19, 2025 PoC Published
- Dec 26, 2025 PoC Published
- Dec 29, 2025 PoC Published
- Dec 30, 2025 PoC Published
- Dec 30, 2025 PoC Published
- Dec 30, 2025 PoC Published
- Jan 7, 2026 PoC Published
- Jan 13, 2026 CVE Published
- Jan 13, 2026 PoC Published
References
- https://lists.debian.org/debian-security-announce/2026/msg00036.html advisory
- https://lists.debian.org/debian-security-announce/2026/msg00035.html advisory
- https://git.kernel.org/stable/c/c8f6f88cd1df35155258285c4f43268b361819df url
- https://git.kernel.org/stable/c/278455a82245a572aeb218a6212a416a98e418de url
- https://git.kernel.org/stable/c/b3e655e52b98a1d3df41c8e42035711e083099f8 url
- https://git.kernel.org/stable/c/e354793a7ab9bb0934ea699a9d57bcd1b48fc27b url
- https://git.kernel.org/stable/c/a41dc180b6e1229ae49ca290ae14d82101c148c3 url
- https://git.kernel.org/stable/c/751c19635c2bfaaf2836a533caa3663633066dcf url
- https://git.kernel.org/stable/c/f6ab594672d4cba08540919a4e6be2e202b60007 url
- https://www.suse.com/support/update/announcement/2026/suse-su-20260674-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-202620520-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-202620556-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-202620555-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-202620517-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-202620615-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-202620558-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-202620516-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-20260713-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-202620570-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-20260700-1 advisory
…and 63 more