Zero Day MonitorZDM

← Back to list

—

CVE-2025-71313EXPLOITEDPATCHED

linux · linux kernel

PCI: endpoint: Add missing NULL check for alloc_workqueue()

Description

A vulnerability described as critical has been identified in Linux Kernel up to 6.19.3. Affected by this vulnerability is the function alloc_workqueue of the component PCI. Executing a manipulation can lead to null pointer dereference. This vulnerability is registered as CVE-2025-71313. The attack requires access to the local network. No exploit is available. Upgrading the affected component is recommended.

Affected Products

Vendor	Product	Versions
linux	linux kernel	8b821cf761503b80d0bd052f932adfe1bc1a0088, 8b821cf761503b80d0bd052f932adfe1bc1a0088, 5.12, 6.19.3

References

Related News (2 articles)

Tier A

Microsoft MSRC2h ago

CVE-2025-71313 PCI: endpoint: Add missing NULL check for alloc_workqueue()

→ No new info (linked only)

Tier C

VulDB24d ago

CVE-2025-71313 | Linux Kernel up to 6.19.3 PCI alloc_workqueue null pointer dereference

→ No new info (linked only)

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

314eab6740bcda504ef978be599f805de05ce6de03f336a869b3a3f119d3ae52ac9723739c7fb7b606.19.47.0

PublishedJun 3, 2026

Last enriched24d agov2

Trending Score61

Source articles2

Independent2

Info Completeness7/14

Missing: cvss, epss, cwe, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-31431EXPKEV

crypto: algif_aead - Revert to operating out-of-place

HIGHCVE-2026-43284EXPKEV

xfrm: esp: avoid in-place decrypt on shared skb frags

HIGHCVE-2026-43500EXPKEV

rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present

HIGHCVE-2026-46243EXP

smb: client: reject userspace cifs.spnego descriptions

HIGHCVE-2026-46333EXP

ptrace: slightly saner 'get_dumpable()' logic

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Jun 3, 2026

Actively Exploited

Jun 3, 2026

Patch Available

Jun 3, 2026

Discovered by ZDM

Jun 3, 2026

Updated: description, severity, affectedVersions, activelyExploited

Jun 3, 2026

Version History

v2

Last enriched 24d ago

v2Tier C24d ago

Updated severity to CRITICAL, added affected version 6.19.3, and noted that no exploit is available.

descriptionseverityaffectedVersionsactivelyExploited

via VulDB

v124d ago

Initial creation