No CVSS.
n the Linux kernel, the following vulnerability has been resolved: iio: adc: at91-sama5d2_adc: Fix potential use-after-free in sama5d2_adc driver at91_adc_interrupt can call at91_adc_touch_data_handler function to start the work by schedule_work(&st->touch_st.workq). If we remove the module which will call at91_adc_remove to make cleanup, it will free indio_dev through iio_device_unregister but quite a bit later. While the work mentioned above will be used. The sequence of operations that may lead to a UAF bug is as follows: CPU0 CPU1 | at91_adc_workq_handler at91_adc_remove | iio_device_unregister(indio_dev) | //free indio_dev a bit later | | iio_push_to_buffers(indio_dev) | //use indio_dev Fix it by ensuring that the work is canceled before proceeding with the cleanup in at91_adc_remove.
No configuration.
06 Feb 2026, 17:16
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
04 Feb 2026, 17:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Published : 2026-02-04 17:16
Updated : 2026-02-06 17:16
NVD link : CVE-2025-71199
Mitre link : CVE-2025-71199
CVE.ORG link : CVE-2025-71199
JSON object : View
No product.
No CWE.