PatchSiren

PatchSiren cyber security CVE debrief

CVE-2025-71162 Linux CVE debrief

A use-after-free vulnerability exists in the Linux kernel's Tegra ADMA driver when audio streams are terminated, particularly during XRUN conditions. The issue occurs when the DMA buffer is freed by tegra_adma_terminate_all() before the vchan completion tasklet finishes accessing it. This can lead to a race condition where the tasklet attempts to access already-freed memory, resulting in a use-after-free bug.

Vendor
Linux
Product
Unknown
CVSS
HIGH 7.8
CISA KEV
Not listed in stored evidence
Original CVE published
2026-01-25
Original CVE updated
2026-07-14
Advisory published
2026-01-25
Advisory updated
2026-07-14

Who should care

Users and administrators of Linux-based systems, particularly those using the Tegra ADMA driver, should be aware of this vulnerability. This vulnerability may allow local attackers to escalate privileges or cause a denial of service.

Technical summary

The vulnerability is caused by a race condition in the Tegra ADMA driver. When audio playback stops, the tegra_adma_terminate_all() function frees the DMA buffer memory. However, if the vchan completion tasklet has not yet finished executing, it will attempt to access the already-freed memory, resulting in a use-after-free bug. The fix involves properly synchronizing the virtual channel completion by calling vchan_terminate_vdesc() in tegra_adma_stop() and adding a callback tegra_adma_synchronize() that calls vchan_synchronize() to kill any pending tasklets and free terminated descriptors.

Defensive priority

High

Recommended defensive actions

  • Apply the official patches provided by the Linux kernel maintainers.
  • Ensure that the Linux kernel is updated to a version that includes the fix.
  • Monitor system logs for any suspicious activity related to the Tegra ADMA driver.
  • Consider implementing additional security controls, such as SELinux or AppArmor, to restrict access to sensitive resources.
  • Review system configurations and ensure that the Tegra ADMA driver is properly configured.
  • Perform regular security audits to identify potential vulnerabilities.
  • Track and verify patch deployment for affected systems.

Evidence notes

The CVE record was published on 2026-01-25T15:15:53.947Z and last modified on 2026-07-14T13:18:04.563Z. The NVD entry is currently Modified. Evidence is limited to public sources and may not reflect all affected systems or potential impacts. Defenders should verify system exposure and apply patches or mitigations as needed.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-01-25T15:15:53.947Z and has not been modified since then.