CVE-2025-71308

accel/amdxdna: Fix potential NULL pointer dereference in context cleanup

Assigner: Linux
Reserved: 08.05.2026 Published: 27.05.2026 Updated: 27.05.2026

In the Linux kernel, the following vulnerability has been resolved:

accel/amdxdna: Fix potential NULL pointer dereference in context cleanup

aie_destroy_context() is invoked during error handling in aie2_create_context(). However, aie_destroy_context() assumes that the context's mailbox channel pointer is non-NULL. If mailbox channel creation fails, the pointer remains NULL and calling aie_destroy_context() can lead to a NULL pointer dereference.

In aie2_create_context(), replace aie_destroy_context() with a function which request firmware to remove the context created previously.

Product Status

Vendor	Linux
Product	Linux
Versions	Default: unaffected affected from be462c97b7dfd24999babe39cce3de224ebe1f80 to 2611c9616cb52d3ed54a6095d72d18e645a6955a (excl.) affected from be462c97b7dfd24999babe39cce3de224ebe1f80 to 97f27573837ef96b4ba42af463cc800cab615c0e (excl.)

Vendor

Linux

Product

Linux

Versions

Default: unaffected

affected from be462c97b7dfd24999babe39cce3de224ebe1f80 to 2611c9616cb52d3ed54a6095d72d18e645a6955a (excl.)
affected from be462c97b7dfd24999babe39cce3de224ebe1f80 to 97f27573837ef96b4ba42af463cc800cab615c0e (excl.)

Vendor	Linux
Product	Linux
Versions	Default: affected Version 6.14 is affected unaffected from 0 to 6.14 (excl.) unaffected from 6.19.4 to 6.19.* (incl.) unaffected from 7.0 to * (incl.)

Vendor

Linux

Product

Linux

Versions

Default: affected

Version 6.14 is affected
unaffected from 0 to 6.14 (excl.)
unaffected from 6.19.4 to 6.19.* (incl.)
unaffected from 7.0 to * (incl.)

References

CVE-2025-71308 PUBLISHED

accel/amdxdna: Fix potential NULL pointer dereference in context cleanup

Product Status

References