CVE-2025-71110

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel’s mm/slub component related to memory management when CONFIG SLUB TINY is enabled and on ARM64 systems with Memory Tagging Extension (MTE). Specifically, the issue arises from a tag mismatch during deferred freeing of memory. The kfree nolock() function calls kasan slab free(), which poisons the memory and changes the tag. Subsequently, defer free() attempts to write to the freed object, triggering a KASAN use-after-free report due to the tag mismatch. The root cause is the lack of resetting the KASAN tag before accessing the freed memory.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.