#VU121425 Resource management error in Linux kernel - CVE-2025-71085
Published: January 14, 2026
Vulnerability identifier: #VU121425
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-71085
CWE-ID: CWE-399
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the calipso_skbuff_setattr() function in net/ipv6/calipso.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's repository.
External links
- https://git.kernel.org/stable/c/2bb759062efa188ea5d07242a43e5aa5464bbae1
- https://git.kernel.org/stable/c/58fc7342b529803d3c221101102fe913df7adb83
- https://git.kernel.org/stable/c/73744ad5696dce0e0f43872aba8de6a83d6ad570
- https://git.kernel.org/stable/c/bf3709738d8a8cc6fa275773170c5c29511a0b24
- https://git.kernel.org/stable/c/c53aa6a5086f03f19564096ee084a202a8c738c0