Home

Description

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Add missing NULL check for alloc_workqueue() alloc_workqueue() can return NULL on memory allocation failure. Without proper error checking, this may lead to a NULL pointer dereference when queue_work() is later called with the NULL workqueue pointer in epf_ntb_epc_init(). Add a NULL check immediately after alloc_workqueue() and return -ENOMEM on failure to prevent the driver from loading with an invalid workqueue pointer.

PUBLISHED Reserved 2026-05-27 | Published 2026-06-03 | Updated 2026-06-03 | Assigner Linux

Product status

Default status
unaffected

8b821cf761503b80d0bd052f932adfe1bc1a0088 (git) before 314eab6740bcda504ef978be599f805de05ce6de
affected

8b821cf761503b80d0bd052f932adfe1bc1a0088 (git) before 03f336a869b3a3f119d3ae52ac9723739c7fb7b6
affected

Default status
affected

5.12
affected

Any version before 5.12
unaffected

6.19.4 (semver)
unaffected

7.0 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/314eab6740bcda504ef978be599f805de05ce6de

git.kernel.org/...c/03f336a869b3a3f119d3ae52ac9723739c7fb7b6

cve.org (CVE-2025-71313)

nvd.nist.gov (CVE-2025-71313)

Download JSON