CVE-2025-71313 | In the Linux kernel, the following vulnerability has been re…

Description

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Add missing NULL check for alloc_workqueue() alloc_workqueue() can return NULL on memory allocation failure. Without proper error checking, this may lead to a NULL pointer dereference when queue_work() is later called with the NULL workqueue pointer in epf_ntb_epc_init(). Add a NULL check immediately after alloc_workqueue() and return -ENOMEM on failure to prevent the driver from loading with an invalid workqueue pointer.

Metadata

CVE ID: CVE-2025-71313
State: PUBLISHED
Assigner: Linux
Reserved: 2026-05-27 12:23 UTC
Published: 2026-06-03 15:49 UTC
Last updated: 2026-06-03 15:49 UTC
Vendor / Product: Linux / Linux
Sources: cve.org · NVD

Severity & Metrics

No CVSS data available.

Affected products (2)

Vendor	Product	Platform	Versions
Linux	Linux	—	8b821cf761503b80d0bd052f932adfe1bc1a0088 < 314eab6740bcda504ef978be599f805de05ce6de, 8b821cf761503b80d0bd052f932adfe1bc1a0088 < 03f336a869b3a3f119d3ae52ac9723739c7fb7b6
Linux	Linux	—	5.12, 0 < 5.12, 6.19.4 ≤ 6.19., 7.0 ≤

References (2)