CVE-2025-71161: Off-by-one Error in Linux

Severity: 5.5 MEDIUM (NVD)
EPSS: 0.0% (top 98.74%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jan 23

Description

In the Linux kernel, the following vulnerability has been resolved:

dm-verity: disable recursive forward error correction

There are two problems with the recursive correction:

1. It may cause denial-of-service. In fec_read_bufs, there is a loop that has 253 iterations. For each iteration, we may call verity_hash_for_block recursively. There is a limit of 4 nested recursions - that means that there may be at most 253^4 (4 billion) iterations. Red Hat QE team actually created an image that push

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.8 | Impact: 3.6

Affected Packages (4 packages)

NVD: linux/linux_kernel, 4.5, 6.18.6
Debian: linux/linux_kernel, < 6.18.8-1
CVEListV5: linux/linux, a739ff3f543afbb4a041c16cd0182c8e8d366e70, e227d2b229c7529bd98d348efc55262ccf24ab35, +5
debian: debian/linux, < linux 6.18.8-1 (forky)

Patches

🔴 Vulnerability Details (2)

GHSA (2026-01-23)
GHSA-m3cp-9jq6-3gg3: In the Linux kernel, the following vulnerability has been resolved: dm-verity: disable recursive forward error correction There are two problems wit
OSV (2026-01-23)
CVE-2025-71161: In the Linux kernel, the following vulnerability has been resolved: dm-verity: disable recursive forward error correction There are two problems with

📋 Vendor Advisories (2)

Red Hat (2026-01-23)
kernel: dm-verity: disable recursive forward error correction
Debian (2025)
CVE-2025-71161: linux - In the Linux kernel, the following vulnerability has been resolved: dm-verity: ...

🕵️ Threat Intelligence (1)

Wiz
CVE-2025-71161 Impact, Exploitability, and Mitigation Steps | Wiz