CVE-2025-71300
Received Received - Intake
OP-TEE Node Reversion Fix in Linux Kernel

Publication date: 2026-05-08

Last updated on: 2026-05-08

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: Revert "arm64: zynqmp: Add an OP-TEE node to the device tree" This reverts commit 06d22ed6b6635b17551f386b50bb5aaff9b75fbe. OP-TEE logic in U-Boot automatically injects a reserved-memory node along with optee firmware node to kernel device tree. The injection logic is dependent on that there is no manually defined optee node. Having the node in zynqmp.dtsi effectively breaks OP-TEE's insertion of the reserved-memory node, causing memory access violations during runtime.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-08
Last Modified
2026-05-08
Generated
2026-06-19
AI Q&A
2026-05-08
EPSS Evaluated
2026-06-18
NVD
CVE-2025-71300
EUVD
EUVD-2025-209749
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves the Linux kernel where a specific commit related to the arm64 architecture for the zynqmp platform was reverted. The issue arises because OP-TEE logic in U-Boot automatically injects a reserved-memory node along with the OP-TEE firmware node into the kernel device tree, but this injection only works if there is no manually defined OP-TEE node.

Having the OP-TEE node manually defined in the zynqmp.dtsi file breaks OP-TEE's ability to insert the reserved-memory node, which leads to memory access violations during runtime.

Impact Analysis

The vulnerability can cause memory access violations during runtime due to the failure of OP-TEE to properly insert the reserved-memory node when a manual OP-TEE node is present.

This can lead to system instability or crashes on affected devices using the arm64 zynqmp platform with the Linux kernel, potentially impacting device functionality and reliability.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-71300. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart