CVE-2025-71272: Resource Leak in Linux Kernel
Platform: linux
Component: linux-kernel
Fixed in: af0b99b2214a10554adb5b868240d23af6e64e71
CVE-2025-71272 addresses a resource leak vulnerability within the Linux Kernel. This flaw occurs in the most_register_interface() function, where memory allocated for the interface is not properly released when an error occurs before device registration. This can lead to a denial-of-service condition as system resources are depleted. The vulnerability affects Linux Kernel versions 5.6 up to and including af0b99b2214a10554adb5b868240d23af6e64e71, and a fix is available in the specified version.
Impact and Attack Scenarios
The core impact of CVE-2025-71272 is a denial-of-service (DoS). Repeated calls to most_register_interface() that fail can progressively consume system memory. Eventually, this can exhaust available resources, causing the system to become unresponsive or crash. While the vulnerability doesn't directly lead to code execution or data breaches, the resulting system instability can disrupt critical services and potentially lead to data loss if processes are terminated unexpectedly. The severity stems from the potential for widespread impact across systems relying on the affected Linux Kernel version, particularly in environments with high device registration activity.
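The leak shape described above, as an added example that is not the kernel's code or its patch: a constructed userspace C model in which `register_leaky` returns on an early error without releasing what it took, while `register_fixed` releases it first. The names `model_iface`, `slot_get`, `slot_put`, `try_valid_after` and the eight-slot pool are assumptions made for illustration.

```c
/* Constructed userspace model of the error-path leak; not kernel code. */
#include <errno.h>
#include <stdio.h>

#define POOL_SLOTS 8 /* constructed: small budget standing in for kernel memory */
static int pool_free = POOL_SLOTS;
static int slot_get(void) { return pool_free > 0 ? (pool_free--, 0) : -ENOMEM; }
static void slot_put(void) { pool_free++; }

struct model_iface { int num_channels; }; /* hypothetical stand-in for an interface */

/* Leaky shape: the early error return skips the release. */
int register_leaky(struct model_iface *i)
{
    if (slot_get())
        return -ENOMEM;
    if (i->num_channels <= 0)
        return -EINVAL; /* slot taken above is never put back */
    return 0;
}

/* Fixed shape: the same check releases the slot before reporting the error. */
int register_fixed(struct model_iface *i)
{
    if (slot_get())
        return -ENOMEM;
    if (i->num_channels <= 0) {
        slot_put(); /* release on the error path */
        return -EINVAL;
    }
    return 0;
}

/* After `failures` rejected registrations, try one valid interface. */
int try_valid_after(int (*reg)(struct model_iface *), int failures)
{
    struct model_iface good = { 2 }, bad = { 0 }; /* constructed inputs */
    pool_free = POOL_SLOTS;                       /* start from a full pool */
    while (failures-- > 0)
        reg(&bad);
    return reg(&good);
}

int main(void)
{
    printf("leaky=%d\n", try_valid_after(register_leaky, POOL_SLOTS));
    printf("fixed=%d\n", try_valid_after(register_fixed, POOL_SLOTS));
    return 0;
}
```

With the leaky variant, eight rejected registrations leave no slot for a valid interface, which then fails with `-ENOMEM`; the fixed variant still registers it.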
Exploitation Context
CVE-2025-71272 is not currently listed in the KEV (Known Exploited Vulnerabilities) catalog, nor does it have a publicly available EPSS score. The absence of a score doesn't diminish the potential impact; it simply reflects a lack of current exploitation activity. Public proof-of-concept (PoC) code is not currently available, but the nature of the vulnerability, a resource leak, makes it potentially exploitable through targeted device registration attacks. The vulnerability was published on 2026-05-06.
Threat Intelligence
EPSS: 0.02% (7% percentile)
Mitigation and Workarounds
The primary mitigation for CVE-2025-71272 is to upgrade the Linux Kernel to version af0b99b2214a10554adb5b868240d23af6e64e71 or later. Before upgrading, it's crucial to review the release notes for any potential compatibility issues with existing drivers or applications. If a direct upgrade is not feasible due to compatibility concerns, consider temporarily limiting the number of device registration attempts to reduce the rate of resource exhaustion. While a WAF or proxy cannot directly mitigate this kernel-level vulnerability, ensuring proper resource limits and monitoring system memory usage can help detect and respond to potential DoS conditions. After upgrading, confirm the fix by monitoring system memory usage during device registration operations and verifying that no memory leaks occur.
How to fix
Update the Linux kernel to version 5.6 or later, 6.12.1 or later, 6.18.1 or later, or 6.19.1 or later. This update fixes a resource leak in the most_register_interface function, which failed to release resources correctly on error and could lead to excessive memory consumption.
Frequently asked questions
What is CVE-2025-71272 — Resource Leak in Linux Kernel?
CVE-2025-71272 is a vulnerability in the Linux Kernel where memory isn't released correctly during device registration errors, potentially leading to a denial-of-service. It affects versions 5.6–af0b99b2214a10554adb5b868240d23af6e64e71.
Am I affected by CVE-2025-71272 in Linux Kernel?
You are potentially affected if your system runs Linux Kernel versions 5.6 up to and including af0b99b2214a10554adb5b868240d23af6e64e71. Check your kernel version using 'uname -r'.
How do I fix CVE-2025-71272 in Linux Kernel?
Upgrade your Linux Kernel to version af0b99b2214a10554adb5b868240d23af6e64e71 or later. Review release notes for compatibility before upgrading.
Is CVE-2025-71272 being actively exploited?
There is currently no public evidence of active exploitation or available proof-of-concept code, but the vulnerability's nature makes it potentially exploitable.
Where can I find the official Linux advisory for CVE-2025-71272?
Refer to the Linux Kernel security announcements and the NVD (National Vulnerability Database) for official information: https://nvd.nist.gov/vuln/detail/CVE-2025-71272