CVE-2025-71192

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw in the ALSA subsystem, specifically within the ac97 component, related to a double free in the snd ac97 controller register() function. The issue arises when ac97 add adapter() fails, and an incorrect attempt to free memory using kfree() is made, leading to a potential double free condition. The problem was identified through code review. The fix involves ensuring put device() is used to correctly drop the device reference and adding kfree() when idr alloc() fails and in the ac97 adapter release() function for proper cleanup.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2025-71192

ECHO-973B-9983-C0B9

OPENSUSE-SU-2026:20416-1

SUSE-SU-2026:0962-1

SUSE-SU-2026:1081-1

SUSE-SU-2026:20667-1

SUSE-SU-2026:20720-1

SUSE-SU-2026:20838-1

SUSE-SU-2026:20845-1

SUSE-SU-2026:20876-1

SUSE-SU-2026:20931-1

SUSE-SU-2026:21284-1

USN-8278-1

USN-8278-2

USN-8289-1

USN-8289-2

USN-8296-1

USN-8296-2

USN-8393-1

Affected Products

Linuxmint

Linux Kernel

Ubuntu

CVE-2025-71192

Related Identifiers

Affected Products

References · 1804