{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-71301", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-05-08T13:14:33.087Z", "datePublished": "2026-05-08T13:15:22.100Z", "dateUpdated": "2026-05-11T21:57:33.226Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T21:57:33.226Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tests: shmem: Hold reservation lock around vmap/vunmap\n\nAcquire and release the GEM object's reservation lock around vmap and\nvunmap operations. The tests use vmap_locked, which led to errors such\nas show below.\n\n[ 122.292030] WARNING: CPU: 3 PID: 1413 at drivers/gpu/drm/drm_gem_shmem_helper.c:390 drm_gem_shmem_vmap_locked+0x3a3/0x6f0\n\n[ 122.468066] WARNING: CPU: 3 PID: 1413 at drivers/gpu/drm/drm_gem_shmem_helper.c:293 drm_gem_shmem_pin_locked+0x1fe/0x350\n\n[ 122.563504] WARNING: CPU: 3 PID: 1413 at drivers/gpu/drm/drm_gem_shmem_helper.c:234 drm_gem_shmem_get_pages_locked+0x23c/0x370\n\n[ 122.662248] WARNING: CPU: 2 PID: 1413 at drivers/gpu/drm/drm_gem_shmem_helper.c:452 drm_gem_shmem_vunmap_locked+0x101/0x330\n\nOnly export the new vmap/vunmap helpers for Kunit tests. These are\nnot interfaces for regular drivers."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/drm_gem_shmem_helper.c", "drivers/gpu/drm/tests/drm_gem_shmem_test.c", "include/drm/drm_gem_shmem_helper.h"], "versions": [{"version": "954907f7147dc43e0d1cd4d430c21d143d5fdf55", "lessThan": "6b953d92f2f29e74b125617c6f00300fa1bed97e", "status": "affected", "versionType": "git"}, {"version": "954907f7147dc43e0d1cd4d430c21d143d5fdf55", "lessThan": "e7b7022f11d3cf281c726117478696b83681bf11", "status": "affected", "versionType": "git"}, {"version": "954907f7147dc43e0d1cd4d430c21d143d5fdf55", "lessThan": "cda83b099f117f2a28a77bf467af934cb39e49cf", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/drm_gem_shmem_helper.c", "drivers/gpu/drm/tests/drm_gem_shmem_test.c", "include/drm/drm_gem_shmem_helper.h"], "versions": [{"version": "6.16", "status": "affected"}, {"version": "0", "lessThan": "6.16", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.16", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.6", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.16", "versionEndExcluding": "6.18.16"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.16", "versionEndExcluding": "6.19.6"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.16", "versionEndExcluding": "7.0"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/6b953d92f2f29e74b125617c6f00300fa1bed97e"}, {"url": "https://git.kernel.org/stable/c/e7b7022f11d3cf281c726117478696b83681bf11"}, {"url": "https://git.kernel.org/stable/c/cda83b099f117f2a28a77bf467af934cb39e49cf"}], "title": "drm/tests: shmem: Hold reservation lock around vmap/vunmap", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4562EDA-AFEA-4C62-97CC-C83E109A5F19", "versionEndExcluding": "6.18.16", "versionStartIncluding": "6.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "373EEEDA-FAA1-4FB4-B6ED-DB4DD99DBE67", "versionEndExcluding": "6.19.6", "versionStartIncluding": "6.19", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tests: shmem: Hold reservation lock around vmap/vunmap\n\nAcquire and release the GEM object's reservation lock around vmap and\nvunmap operations. The tests use vmap_locked, which led to errors such\nas show below.\n\n[ 122.292030] WARNING: CPU: 3 PID: 1413 at drivers/gpu/drm/drm_gem_shmem_helper.c:390 drm_gem_shmem_vmap_locked+0x3a3/0x6f0\n\n[ 122.468066] WARNING: CPU: 3 PID: 1413 at drivers/gpu/drm/drm_gem_shmem_helper.c:293 drm_gem_shmem_pin_locked+0x1fe/0x350\n\n[ 122.563504] WARNING: CPU: 3 PID: 1413 at drivers/gpu/drm/drm_gem_shmem_helper.c:234 drm_gem_shmem_get_pages_locked+0x23c/0x370\n\n[ 122.662248] WARNING: CPU: 2 PID: 1413 at drivers/gpu/drm/drm_gem_shmem_helper.c:452 drm_gem_shmem_vunmap_locked+0x101/0x330\n\nOnly export the new vmap/vunmap helpers for Kunit tests. These are\nnot interfaces for regular drivers."}], "id": "CVE-2025-71301", "lastModified": "2026-05-14T19:09:41.500", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-05-08T14:16:31.497", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6b953d92f2f29e74b125617c6f00300fa1bed97e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/cda83b099f117f2a28a77bf467af934cb39e49cf"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e7b7022f11d3cf281c726117478696b83681bf11"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: drm/tests: shmem: Hold reservation lock around vmap/vunmap", "id": "2468083", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468083"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-413", "details": ["A flaw was found in the Linux kernel's Direct Rendering Manager (DRM) subsystem, specifically within the shared memory (shmem) test module. This vulnerability occurs because the reservation lock is not properly held during vmap and vunmap operations. A local attacker could potentially exploit this flaw to trigger kernel warnings, leading to system instability or a denial of service (DoS) condition."], "name": "CVE-2025-71301", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-05-08T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-71301\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-71301\nhttps://lore.kernel.org/linux-cve-announce/2026050825-CVE-2025-71301-e6f6@gregkh/T"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[954907f7147dc43e0d1cd4d430c21d143d5fdf55,6b953d92f2f29e74b125617c6f00300fa1bed97e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[954907f7147dc43e0d1cd4d430c21d143d5fdf55,e7b7022f11d3cf281c726117478696b83681bf11)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[954907f7147dc43e0d1cd4d430c21d143d5fdf55,cda83b099f117f2a28a77bf467af934cb39e49cf)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "6.16"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[0,6.16)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.18.16,6.19.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.19.6,6.20.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[7.0,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "created": "2026-05-08T15:45:08.662355+00:00", "updated": "2026-05-14T22:45:31.103491+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}