Bug 2468077 (CVE-2025-71300)

Summary: CVE-2025-71300 kernel: Revert "arm64: zynqmp: Add an OP-TEE node to the device tree"
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security DevOps Team <prodsec-dev>
Status: NEW --- QA Contact:
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: unspecifiedCC: rhel-process-autobot, watson-tool-maintainers
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: ---
Doc Text:
A flaw was found in the Linux kernel, specifically within the OP-TEE (Open Portable Trusted Execution Environment) integration with U-Boot. The U-Boot's OP-TEE logic automatically injects a reserved-memory node into the kernel device tree. However, a manually defined OP-TEE node in `zynqmp.dtsi` interferes with this process, leading to memory access violations during runtime. This issue can result in system instability or denial of service.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description OSIDB Bzimport 2026-05-08 14:03:18 UTC 
In the Linux kernel, the following vulnerability has been resolved:

Revert "arm64: zynqmp: Add an OP-TEE node to the device tree"

This reverts commit 06d22ed6b6635b17551f386b50bb5aaff9b75fbe.

OP-TEE logic in U-Boot automatically injects a reserved-memory
node along with optee firmware node to kernel device tree.
The injection logic is dependent on that there is no manually
defined optee node. Having the node in zynqmp.dtsi effectively
breaks OP-TEE's insertion of the reserved-memory node, causing
memory access violations during runtime.
Comment 1 Keith Grant 2026-05-08 17:52:24 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2026050824-CVE-2025-71300-fe93@gregkh/T