CVE-2025-71287 - Vulnerability Details

- memory: mtk-smi: fix device leak on larb probe

Description

In the Linux kernel, the following vulnerability has been resolved:

memory: mtk-smi: fix device leak on larb probe

Make sure to drop the reference taken when looking up the SMI device
during larb probe on late probe failure (e.g. probe deferral) and on
driver unbind.

Published: 2026-05-06

Score: n/a

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

Impact

The vulnerability is a memory leak in the MediaTek SMI driver for the Linux kernel caused by failing to release references to the SMI device during late probe failures or driver unbind events. The leak can accumulate over time, potentially exhausting available kernel memory, which could lead to system instability, crashes, or a denial of service

Affected Systems

The driver is part of the Linux kernel’s MediaTek SMI implementation. All Linux kernel builds that include this driver—primarily distributions for MediaTek SoCs—are affected. The advisory does not specify exact kernel versions; therefore any version before the kernel commit that introduced the fix is vulnerable. Users should verify that their kernel contains the upstream patch

Risk and Exploitability

No CVSS score is reported, and the EPSS score is not available. The vulnerability is not listed in CISA KEV. Because the flaw requires a failure during probe or unbind of the SMI device, exploitation would likely occur only in environments where the driver is loaded often or during boot, making accidental exploitation possible but difficult to trigger covertly. Nonetheless, the potential for memory exhaustion warrants patching as soon as possible

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`cc8bbe1a83128ad06457e4dc69907c4f9a6fc1a7`	affected	< 04057b86fdac3d4847913a97dc6552c0bff9b85e
`cc8bbe1a83128ad06457e4dc69907c4f9a6fc1a7`	affected	< 357e16a7fc9c1fef2ea37dce9bb6b9bcb1d1687d
`cc8bbe1a83128ad06457e4dc69907c4f9a6fc1a7`	affected	< b9eccd59697f7e1cb9a714501d9af826e7f7e073
`cc8bbe1a83128ad06457e4dc69907c4f9a6fc1a7`	affected	< 1f23a48ff2b8ab47e514f7c84a4b1dbf9b848168
`cc8bbe1a83128ad06457e4dc69907c4f9a6fc1a7`	affected	< f69535b77fa0518ad39870c00dd2995439ed5c34
`cc8bbe1a83128ad06457e4dc69907c4f9a6fc1a7`	affected	< 1288bb394d464975cea18f69940f206e235e0fe7
`cc8bbe1a83128ad06457e4dc69907c4f9a6fc1a7`	affected	< 9dae65913b32d05dbc8ff4b8a6bf04a0e49a8eb6

Linux

affected

Version	Status	Constraints
`4.6`	affected	—
`0`	unaffected	< 4.6
`5.15.203`	unaffected	≤ 5.15.*
`6.1.167`	unaffected	≤ 6.1.*
`6.6.130`	unaffected	≤ 6.6.*
`6.12.77`	unaffected	≤ 6.12.*
`6.18.17`	unaffected	≤ 6.18.*
`6.19.6`	unaffected	≤ 6.19.*
`7.0`	unaffected	≤ *

No data.

Vendor Product Confidence Versions

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`[cc8bbe1a83128ad06457e4dc69907c4f9a6fc1a7,04057b86fdac3d4847913a97dc6552c0bff9b85e)`	affected	code_commit	—
`[cc8bbe1a83128ad06457e4dc69907c4f9a6fc1a7,357e16a7fc9c1fef2ea37dce9bb6b9bcb1d1687d)`	affected	code_commit	—
`[cc8bbe1a83128ad06457e4dc69907c4f9a6fc1a7,b9eccd59697f7e1cb9a714501d9af826e7f7e073)`	affected	code_commit	—
`[cc8bbe1a83128ad06457e4dc69907c4f9a6fc1a7,1f23a48ff2b8ab47e514f7c84a4b1dbf9b848168)`	affected	code_commit	—
`[cc8bbe1a83128ad06457e4dc69907c4f9a6fc1a7,f69535b77fa0518ad39870c00dd2995439ed5c34)`	affected	code_commit	—
`[cc8bbe1a83128ad06457e4dc69907c4f9a6fc1a7,1288bb394d464975cea18f69940f206e235e0fe7)`	affected	code_commit	—
`[cc8bbe1a83128ad06457e4dc69907c4f9a6fc1a7,9dae65913b32d05dbc8ff4b8a6bf04a0e49a8eb6)`	affected	code_commit	—

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`4.6`	affected	generic	—
`[0,4.6)`	unaffected	semver	—
`[5.15.203,5.16.0]`	unaffected	semver	—
`[6.1.167,6.2.0]`	unaffected	semver	—
`[6.6.130,6.7.0]`	unaffected	semver	—
`[6.12.77,6.13.0]`	unaffected	semver	—
`[6.18.17,6.19.0]`	unaffected	semver	—
`[6.19.6,6.20.0]`	unaffected	semver	—
`[7.0,*]`	unaffected	semver	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Update the Linux kernel to a version that includes the fix (commit 04057b86f or later).
If upgrading the kernel is not immediately possible, temporarily disable the MediaTek SMI driver or ensure it is not loaded during boot by blacklisting the module.
Monitor system memory usage for signs of degradation and verify that the reference counter for SMI devices remains stable after repeated bind/unbind cycles.

Generated by OpenCVE AI on May 6, 2026 at 13:57 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/04057b86fdac3d4847913a97dc6552c0bff9b85e
https://git.kernel.org/stable/c/1288bb394d464975cea18f69940f206e235e0fe7
https://git.kernel.org/stable/c/1f23a48ff2b8ab47e514f7c84a4b1dbf9b848168
https://git.kernel.org/stable/c/357e16a7fc9c1fef2ea37dce9bb6b9bcb1d1687d
https://git.kernel.org/stable/c/9dae65913b32d05dbc8ff4b8a6bf04a0e49a8eb6
https://git.kernel.org/stable/c/b9eccd59697f7e1cb9a714501d9af826e7f7e073
https://git.kernel.org/stable/c/f69535b77fa0518ad39870c00dd2995439ed5c34

History

Wed, 06 May 2026 14:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-401

Wed, 06 May 2026 12:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: memory: mtk-smi: fix device leak on larb probe Make sure to drop the reference taken when looking up the SMI device during larb probe on late probe failure (e.g. probe deferral) and on driver unbind.
Title		memory: mtk-smi: fix device leak on larb probe
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/04057b86fdac3d4847913a97dc6552c0bff9b85e https://git.kernel.org/stable/c/1288bb394d464975cea18f69940f206e235e0fe7 https://git.kernel.org/stable/c/1f23a48ff2b8ab47e514f7c84a4b1dbf9b848168 https://git.kernel.org/stable/c/357e16a7fc9c1fef2ea37dce9bb6b9bcb1d1687d https://git.kernel.org/stable/c/9dae65913b32d05dbc8ff4b8a6bf04a0e49a8eb6 https://git.kernel.org/stable/c/b9eccd59697f7e1cb9a714501d9af826e7f7e073 https://git.kernel.org/stable/c/f69535b77fa0518ad39870c00dd2995439ed5c34

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-06T11:32:20.136Z

Updated: 2026-05-06T11:32:20.136Z

Reserved: 2026-05-06T11:31:45.509Z

Link: CVE-2025-71287

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-06T12:16:27.857

Modified: 2026-05-06T13:07:51.607

Link: CVE-2025-71287

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-06T14:15:05Z

Weaknesses

CWE-401

Impact

Affected Systems

Risk and Exploitability

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object