CVE-2025-71139

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel related to kexec and the Integrity Measurement Architecture (IMA). Specifically, the issue arises when the kexec target address is allocated within the CMA (Contiguous Memory Allocator) area. A warning message is generated during kexec, indicating a problem within the kimage map segment function. The root cause is that a recent commit enabled CMA-based contiguous allocation for kexec targets, but the current implementation of kimage map segment() incorrectly assumes the existence of IND SOURCE pages when operating within the CMA area. This leads to an attempt to map pages using vmap() when no IND SOURCE pages are available. The issue is triggered only when a CMA area is reserved in the kernel.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.