CVE-2025-71122 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: iommufd/selftest: Check for overflow in IOMMU_TEST_OP_ADD_RESERVED syzkaller found it could overflow math in the test infrastructure and cause a WARN_ON by corrupting the reserved interval tree. This only effects test kernels with CONFIG_IOMMUFD_TEST. Validate the user input length in the test ioctl.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/4cc829d61f10c20523fd4085c1546e741a792a97
https://git.kernel.org/stable/c/b166b8e0a381429fefd9180e67fbc834b3cee82f
https://git.kernel.org/stable/c/e6a973af11135439de32ece3b9cbe3bfc043bea8
https://git.kernel.org/stable/c/e6c122cffcbb2e84d321ec8ba0e38ce8e7c10925

History

Wed, 14 Jan 2026 15:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: iommufd/selftest: Check for overflow in IOMMU_TEST_OP_ADD_RESERVED syzkaller found it could overflow math in the test infrastructure and cause a WARN_ON by corrupting the reserved interval tree. This only effects test kernels with CONFIG_IOMMUFD_TEST. Validate the user input length in the test ioctl.
Title		iommufd/selftest: Check for overflow in IOMMU_TEST_OP_ADD_RESERVED
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/4cc829d61f10c20523fd4085c1546e741a792a97 https://git.kernel.org/stable/c/b166b8e0a381429fefd9180e67fbc834b3cee82f https://git.kernel.org/stable/c/e6a973af11135439de32ece3b9cbe3bfc043bea8 https://git.kernel.org/stable/c/e6c122cffcbb2e84d321ec8ba0e38ce8e7c10925

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-01-14T15:06:08.556Z

Updated: 2026-01-14T15:06:08.556Z

Reserved: 2026-01-13T15:30:19.654Z

Link: CVE-2025-71122

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-01-14T15:16:01.900

Modified: 2026-01-14T16:25:12.057

Link: CVE-2025-71122

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-71122", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:30:19.654Z", "datePublished": "2026-01-14T15:06:08.556Z", "dateUpdated": "2026-01-14T15:06:08.556Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-01-14T15:06:08.556Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommufd/selftest: Check for overflow in IOMMU_TEST_OP_ADD_RESERVED\n\nsyzkaller found it could overflow math in the test infrastructure and\ncause a WARN_ON by corrupting the reserved interval tree. This only\neffects test kernels with CONFIG_IOMMUFD_TEST.\n\nValidate the user input length in the test ioctl."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/iommu/iommufd/selftest.c"], "versions": [{"version": "f4b20bb34c83dceade5470288f48f94ce3598ada", "lessThan": "4cc829d61f10c20523fd4085c1546e741a792a97", "status": "affected", "versionType": "git"}, {"version": "f4b20bb34c83dceade5470288f48f94ce3598ada", "lessThan": "e6c122cffcbb2e84d321ec8ba0e38ce8e7c10925", "status": "affected", "versionType": "git"}, {"version": "f4b20bb34c83dceade5470288f48f94ce3598ada", "lessThan": "b166b8e0a381429fefd9180e67fbc834b3cee82f", "status": "affected", "versionType": "git"}, {"version": "f4b20bb34c83dceade5470288f48f94ce3598ada", "lessThan": "e6a973af11135439de32ece3b9cbe3bfc043bea8", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/iommu/iommufd/selftest.c"], "versions": [{"version": "6.2", "status": "affected"}, {"version": "0", "lessThan": "6.2", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.120", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.64", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.3", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19-rc2", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2", "versionEndExcluding": "6.6.120"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2", "versionEndExcluding": "6.12.64"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2", "versionEndExcluding": "6.18.3"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2", "versionEndExcluding": "6.19-rc2"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/4cc829d61f10c20523fd4085c1546e741a792a97"}, {"url": "https://git.kernel.org/stable/c/e6c122cffcbb2e84d321ec8ba0e38ce8e7c10925"}, {"url": "https://git.kernel.org/stable/c/b166b8e0a381429fefd9180e67fbc834b3cee82f"}, {"url": "https://git.kernel.org/stable/c/e6a973af11135439de32ece3b9cbe3bfc043bea8"}], "title": "iommufd/selftest: Check for overflow in IOMMU_TEST_OP_ADD_RESERVED", "x_generator": {"engine": "bippy-1.2.0"}}}}