{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-14T18:29:26.226","vulnerabilities":[{"cve":{"id":"CVE-2025-71233","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-02-18T16:22:30.080","lastModified":"2026-03-18T17:14:10.280","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: endpoint: Avoid creating sub-groups asynchronously\n\nThe asynchronous creation of sub-groups by a delayed work could lead to a\nNULL pointer dereference when the driver directory is removed before the\nwork completes.\n\nThe crash can be easily reproduced with the following commands:\n\n  # cd /sys/kernel/config/pci_ep/functions/pci_epf_test\n  # for i in {1..20}; do mkdir test && rmdir test; done\n\n  BUG: kernel NULL pointer dereference, address: 0000000000000088\n  ...\n  Call Trace:\n   configfs_register_group+0x3d/0x190\n   pci_epf_cfs_work+0x41/0x110\n   process_one_work+0x18f/0x350\n   worker_thread+0x25a/0x3a0\n\nFix this issue by using configfs_add_default_group() API which does not\nhave the deadlock problem as configfs_register_group() and does not require\nthe delayed work handler.\n\n[mani: slightly reworded the description and added stable list]"},{"lang":"es","value":"En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\nPCI: endpoint: Evitar la creación asíncrona de subgrupos\n\nLa creación asíncrona de subgrupos por un trabajo retrasado podría llevar a una desreferencia de puntero NULL cuando el directorio del controlador es eliminado antes de que el trabajo se complete.\n\nEl fallo puede ser fácilmente reproducido con los siguientes comandos:\n\n  # cd /sys/kernel/config/pci_ep/functions/pci_epf_test\n  # for i in {1..20}; do mkdir test && rmdir test; done\n\n  BUG: kernel NULL pointer dereference, address: 0000000000000088\n  ...\n  Call Trace:\n   configfs_register_group+0x3d/0x190\n   pci_epf_cfs_work+0x41/0x110\n   process_one_work+0x18f/0x350\n   worker_thread+0x25a/0x3a0\n\nSoluciona este problema usando la API configfs_add_default_group() que no tiene el problema de interbloqueo como configfs_register_group() y no requiere el manejador de trabajo retrasado.\n\n[mani: se ha reformulado ligeramente la descripción y se ha añadido la lista estable]"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.12","versionEndExcluding":"5.15.201","matchCriteriaId":"7F9D9A1F-E24E-4F40-B86B-30FF1377DAFB"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.164","matchCriteriaId":"6892F74B-3F14-4500-9652-24A2ECB04144"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.127","matchCriteriaId":"4A9F36A3-A685-48A0-84B4-6217052BD058"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.72","matchCriteriaId":"F1A7E514-FB3C-4B6B-8046-07D5A8F04644"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.11","matchCriteriaId":"7099A9EC-3D54-4424-BF01-7224EF88C79C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.1","matchCriteriaId":"EE543C0D-A06B-414F-A403-CB1E088F261E"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/24a253c3aa6d9a2cde46158ce9782e023bfbf32d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5f609b3bffd4207cf9f2c9b41e1978457a5a1ea9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/73cee890adafa2c219bb865356e08e7f82423fe5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7c5c7d06bd1f86d2c3ebe62be903a4ba42db4d2c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8cb905eca73944089a0db01443c7628a9e87012d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d9af3cf58bb4c8d6dea4166011c780756b1138b5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/fa9fb38f5fe9c80094c2138354d45cdc8d094d69","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}