VYPR
Unrated severityNVD Advisory· Published Feb 4, 2026· Updated Apr 15, 2026

CVE-2025-71199

CVE-2025-71199

Description

In the Linux kernel, the following vulnerability has been resolved:

iio: adc: at91-sama5d2_adc: Fix potential use-after-free in sama5d2_adc driver

at91_adc_interrupt can call at91_adc_touch_data_handler function to start the work by schedule_work(&st->touch_st.workq).

If we remove the module which will call at91_adc_remove to make cleanup, it will free indio_dev through iio_device_unregister but quite a bit later. While the work mentioned above will be used. The sequence of operations that may lead to a UAF bug is as follows:

CPU0 CPU1

| at91_adc_workq_handler at91_adc_remove | iio_device_unregister(indio_dev) | //free indio_dev a bit later | | iio_push_to_buffers(indio_dev) | //use indio_dev

Fix it by ensuring that the work is canceled before proceeding with the cleanup in at91_adc_remove.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

72

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.