{"id":"CVE-2025-71084","summary":"RDMA/cm: Fix leaking the multicast GID table reference","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cm: Fix leaking the multicast GID table reference\n\nIf the CM ID is destroyed while the CM event for multicast creating is\nstill queued the cancel_work_sync() will prevent the work from running\nwhich also prevents destroying the ah_attr. This leaks a refcount and\ntriggers a WARN:\n\n   GID entry ref leak for dev syz1 index 2 ref=573\n   WARNING: CPU: 1 PID: 655 at drivers/infiniband/core/cache.c:809 release_gid_table drivers/infiniband/core/cache.c:806 [inline]\n   WARNING: CPU: 1 PID: 655 at drivers/infiniband/core/cache.c:809 gid_table_release_one+0x284/0x3cc drivers/infiniband/core/cache.c:886\n\nDestroy the ah_attr after canceling the work, it is safe to call this\ntwice.","modified":"2026-03-31T17:29:25.505069Z","published":"2026-01-13T15:34:47.665Z","related":["MGASA-2026-0017","MGASA-2026-0018","SUSE-SU-2026:0447-1","SUSE-SU-2026:0472-1","SUSE-SU-2026:0587-1","SUSE-SU-2026:20477-1","SUSE-SU-2026:20498-1","SUSE-SU-2026:20555-1","SUSE-SU-2026:20599-1","SUSE-SU-2026:20615-1","SUSE-SU-2026:20845-1","SUSE-SU-2026:20876-1","openSUSE-SU-2026:20287-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71084.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/3ba6d01c4b3c584264dc733c6a2ecc5bbc8e0bb5"},{"type":"WEB","url":"https://git.kernel.org/stable/c/57f3cb6c84159d12ba343574df2115fb18dd83ca"},{"type":"WEB","url":"https://git.kernel.org/stable/c/5cb34bb5fd726491b809efbeb5cfd63ae5bf9cf3"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ab668a58c4a2ccb6d54add7a76f2f955d15d0196"},{"type":"WEB","url":"https://git.kernel.org/stable/c/abf38398724ecc888f62c678d288da40d11878af"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c0acdee513239e1d6e1b490f56be0e6837dfd162"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d5ce588a9552878859a4d44b70b724216c188a5f"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71084.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-71084"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"60d613b39e8d0c9f3b526e9c96445422b4562d76"},{"fixed":"d5ce588a9552878859a4d44b70b724216c188a5f"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"fe454dc31e84f8c14cb8942fcb61666c9f40745b"},{"fixed":"abf38398724ecc888f62c678d288da40d11878af"},{"fixed":"ab668a58c4a2ccb6d54add7a76f2f955d15d0196"},{"fixed":"c0acdee513239e1d6e1b490f56be0e6837dfd162"},{"fixed":"5cb34bb5fd726491b809efbeb5cfd63ae5bf9cf3"},{"fixed":"3ba6d01c4b3c584264dc733c6a2ecc5bbc8e0bb5"},{"fixed":"57f3cb6c84159d12ba343574df2115fb18dd83ca"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"a3262b3884dd67b4c5632ce7cdf9cff9d1a575d4"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-71084.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.10.248"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.198"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.12.0"},{"fixed":"6.1.160"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.6.120"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.12.64"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.18.4"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-71084.json"}}],"schema_version":"1.7.5"}