{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-71141","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2026-01-13T15:30:19.661Z","datePublished":"2026-01-14T15:07:54.456Z","dateUpdated":"2026-05-11T21:55:46.325Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T21:55:46.325Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tilcdc: Fix removal actions in case of failed probe\n\nThe drm_kms_helper_poll_fini() and drm_atomic_helper_shutdown() helpers\nshould only be called when the device has been successfully registered.\nCurrently, these functions are called unconditionally in tilcdc_fini(),\nwhich causes warnings during probe deferral scenarios.\n\n[    7.972317] WARNING: CPU: 0 PID: 23 at drivers/gpu/drm/drm_atomic_state_helper.c:175 drm_atomic_helper_crtc_duplicate_state+0x60/0x68\n...\n[    8.005820]  drm_atomic_helper_crtc_duplicate_state from drm_atomic_get_crtc_state+0x68/0x108\n[    8.005858]  drm_atomic_get_crtc_state from drm_atomic_helper_disable_all+0x90/0x1c8\n[    8.005885]  drm_atomic_helper_disable_all from drm_atomic_helper_shutdown+0x90/0x144\n[    8.005911]  drm_atomic_helper_shutdown from tilcdc_fini+0x68/0xf8 [tilcdc]\n[    8.005957]  tilcdc_fini [tilcdc] from tilcdc_pdev_probe+0xb0/0x6d4 [tilcdc]\n\nFix this by rewriting the failed probe cleanup path using the standard\ngoto error handling pattern, which ensures that cleanup functions are\nonly called on successfully initialized resources. Additionally, remove\nthe now-unnecessary is_registered flag."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/gpu/drm/tilcdc/tilcdc_crtc.c","drivers/gpu/drm/tilcdc/tilcdc_drv.c","drivers/gpu/drm/tilcdc/tilcdc_drv.h"],"versions":[{"version":"69f03be1fa08a66735d53d92d3429c052540e3bf","lessThan":"21e52dc7762908c3d499cfb493d1b8281fc1d3ab","status":"affected","versionType":"git"},{"version":"3c4babae3c4a1ae05f8f3f5f3d50c440ead7ca6a","lessThan":"71be8825e83c90c1e020feb77b29e6a99629e642","status":"affected","versionType":"git"},{"version":"3c4babae3c4a1ae05f8f3f5f3d50c440ead7ca6a","lessThan":"a585c7ef9cabda58088916baedc6573e9a5cd2a7","status":"affected","versionType":"git"},{"version":"84021fa4cf190e257ae8b66d284cdb92e3fabe33","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/gpu/drm/tilcdc/tilcdc_crtc.c","drivers/gpu/drm/tilcdc/tilcdc_drv.c","drivers/gpu/drm/tilcdc/tilcdc_drv.h"],"versions":[{"version":"6.7","status":"affected"},{"version":"0","lessThan":"6.7","status":"unaffected","versionType":"semver"},{"version":"6.6.120","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.18.4","lessThanOrEqual":"6.18.*","status":"unaffected","versionType":"semver"},{"version":"6.19","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6.2","versionEndExcluding":"6.6.120"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.18.4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.19"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.5.12"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/21e52dc7762908c3d499cfb493d1b8281fc1d3ab"},{"url":"https://git.kernel.org/stable/c/71be8825e83c90c1e020feb77b29e6a99629e642"},{"url":"https://git.kernel.org/stable/c/a585c7ef9cabda58088916baedc6573e9a5cd2a7"}],"title":"drm/tilcdc: Fix removal actions in case of failed probe","x_generator":{"engine":"bippy-1.2.0"}}}}