CVE-2025-71092: Out-of-bounds Write in Linux

Severity: 7.8 HIGH (NVD)
EPSS: 0.0% (top 94.95%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jan 13

Description

In the Linux kernel, the following vulnerability has been resolved:

RDMA/bnxt_re: Fix OOB write in bnxt_re_copy_err_stats()

Commit ef56081d1864 ("RDMA/bnxt_re: RoCE related hardware counters update") added three new counters and placed them after BNXT_RE_OUT_OF_SEQ_ERR. BNXT_RE_OUT_OF_SEQ_ERR acts as a boundary marker for allocating hardware statistics with different num_counters values on chip_gen_p5_p7 devices. As a result, BNXT_RE_NUM_STD_COUNTERS are used when allocating hw_stats, which

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 | Impact: 5.9

Affected Packages (5 packages)

Linux | linux/linux_kernel | 6.18.0 | 6.18.4
NVD | linux/linux_kernel | 6.18.1 | 6.18.4 | +2
Debian | linux/linux_kernel | < 6.18.5-1
CVEListV5 | linux/linux | ef56081d1864582a6db50710733416c0510b7826 | 369a161c48723f60f06f3510b82ea7d96d0499ab | +2
debian | debian/linux | < linux 6.18.5-1 (forky)

Patches

🔴 Vulnerability Details (3)

GHSA | GHSA-xhvc-mp36-38vq: In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix OOB write in bnxt_re_copy_err_stats() Commit ef56081d1864 ("RD | 2026-01-13
OSV | RDMA/bnxt_re: Fix OOB write in bnxt_re_copy_err_stats() | 2026-01-13
OSV | CVE-2025-71092: In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix OOB write in bnxt_re_copy_err_stats() Commit ef56081d1864 ("RDMA | 2026-01-13

📋 Vendor Advisories (2)

Red Hat | kernel: RDMA/bnxt_re: Fix OOB write in bnxt_re_copy_err_stats() | 2026-01-13
Debian | CVE-2025-71092: linux - In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_r... | 2025

🕵️ Threat Intelligence (1)

Wiz | CVE-2025-71092 Impact, Exploitability, and Mitigation Steps | Wiz