2468077 – (CVE-2025-71300) CVE-2025-71300 kernel: Revert "arm64: zynqmp: Add an OP-TEE node to the device tree"

Bug 2468077 (CVE-2025-71300) - CVE-2025-71300 kernel: Revert "arm64: zynqmp: Add an OP-TEE node to the device tree"

Summary: CVE-2025-71300 kernel: Revert "arm64: zynqmp: Add an OP-TEE node to the devic...

Keywords:
Status:	NEW
Alias:	CVE-2025-71300
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2026-05-08 14:03 UTC by OSIDB Bzimport
Modified:	2026-05-08 17:54 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2026-05-08 14:03:18 UTC

In the Linux kernel, the following vulnerability has been resolved:

Revert "arm64: zynqmp: Add an OP-TEE node to the device tree"

This reverts commit 06d22ed6b6635b17551f386b50bb5aaff9b75fbe.

OP-TEE logic in U-Boot automatically injects a reserved-memory
node along with optee firmware node to kernel device tree.
The injection logic is dependent on that there is no manually
defined optee node. Having the node in zynqmp.dtsi effectively
breaks OP-TEE's insertion of the reserved-memory node, causing
memory access violations during runtime.

Comment 1 Keith Grant 2026-05-08 17:52:24 UTC

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2026050824-CVE-2025-71300-fe93@gregkh/T

Note You need to log in before you can comment on or make changes to this bug.