CVE-2025-71070

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel’s ublk subsystem related to reference counting of user copy operations. Specifically, when a ublk server process releases a ublk character device file, incomplete requests can retain an incorrect reference count. This can lead to user copy and zero copy operations on completed requests, and trigger warnings in ublk queue reinit() and ublk deinit queue(). The issue affects UBLK F USER COPY, a reference-counted data copy mode, and was not fully addressed by a previous commit that fixed the problem for devices using UBLK F SUPPORT ZERO COPY or UBLK F AUTO BUF REG. The fix involves ensuring that any ublk requests owned by the server upon exit have their reference counts reset to 0.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.