CVE-2025-71122
Published: 14 January 2026
Summary
CVE-2025-71122 is a high-severity vulnerability, with an unspecified weakness type, in the Linux kernel. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). It is ranked at the 6.7th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2025-71122 is a vulnerability in the Linux kernel's iommufd selftest component, specifically an integer overflow in the IOMMU_TEST_OP_ADD_RESERVED operation. The arithmetic in the test infrastructure can overflow, which corrupts the reserved interval tree and triggers a WARN_ON. It affects only test kernels built with CONFIG_IOMMUFD_TEST enabled.
A local attacker with low privileges (PR:L) on an affected test kernel can exploit this vulnerability with low complexity and no user interaction. Successful exploitation triggers the overflow, resulting in a kernel warning and data structure corruption. The CVSS v3.1 base score of 7.8 indicates high impact on confidentiality, integrity, and availability (C:H/I:H/A:H).
The provided references point to stable kernel commit patches that resolve the issue by adding validation of user input length in the test ioctl, preventing the overflow. These commits are available at git.kernel.org/stable for integration into affected kernels.
This vulnerability was discovered by the syzkaller fuzzer and is confined to test environments, with no indications of real-world exploitation.
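The length validation described above can be illustrated in user space. This is an added example, not the kernel patch or code from this page: `struct range`, the function names and the sample values are hypothetical, and the compiler builtin `__builtin_add_overflow` stands in for whatever check the stable commits use.

```c
#include <errno.h>
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for an inclusive interval-tree node [start, last]. */
struct range { uint64_t start, last; };

/* Unchecked form: start + length - 1 silently wraps modulo 2^64. */
static int range_unchecked(uint64_t start, uint64_t length, struct range *out)
{
    out->start = start;
    out->last = start + length - 1;
    return 0;
}

/* Checked form: reject empty ranges and any range whose last byte wraps. */
static int range_checked(uint64_t start, uint64_t length, struct range *out)
{
    uint64_t last;

    if (length == 0)
        return -EINVAL;
    if (__builtin_add_overflow(start, length - 1, &last))
        return -EOVERFLOW;
    out->start = start;
    out->last = last;
    return 0;
}

/* An interval tree relies on start <= last for every node it stores. */
static int range_is_sane(const struct range *r)
{
    return r->start <= r->last;
}

int main(void)
{
    /* Constructed input, not taken from the syzkaller report. */
    uint64_t start = UINT64_MAX - 0xfff, length = 0x2000;
    struct range r;

    range_unchecked(start, length, &r);
    printf("unchecked: [%#" PRIx64 ", %#" PRIx64 "] sane=%d\n",
           r.start, r.last, range_is_sane(&r));
    printf("checked:   rc=%d\n", range_checked(start, length, &r));
    return 0;
}
```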
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-2489
Vulnerability details
In the Linux kernel, the following vulnerability has been resolved:

iommufd/selftest: Check for overflow in IOMMU_TEST_OP_ADD_RESERVED

syzkaller found it could overflow math in the test infrastructure and cause a WARN_ON by corrupting the reserved interval tree. This only affects test kernels with CONFIG_IOMMUFD_TEST. Validate the user input length in the test ioctl.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Integer overflow enables local low-priv exploitation leading to kernel data corruption on test kernels, directly mapping to exploitation for privilege escalation.
Mitigating Controls (NIST 800-53 r5)
Mandates validation of user input lengths in the IOMMU_TEST_OP_ADD_RESERVED ioctl to directly prevent the integer overflow and subsequent reserved interval tree corruption.
Requires timely identification, reporting, and patching of flaws like this kernel integer overflow via stable commit fixes.
Enforces secure kernel configuration settings to disable unnecessary test features such as CONFIG_IOMMUFD_TEST, reducing exposure to the selftest vulnerability.