CVE

DEBIAN-CVE-2025-71092

In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix OOB write in bnxt_re_copy_err_stats() Commit ef56081d1864 ("RDMA/bnxt_re: RoCE related hardware counters update"...

Back to all

CVE

DEBIAN-CVE-2025-71092

In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Fix OOB write in bnxtrecopyerrstats() Commit ef56081d1864 ("RDMA/bnxtre: RoCE related hardware counters update") added three new counters and placed them after BNXTREOUTOFSEQERR. BNXTREOUTOFSEQERR acts as a boundary marker for allocating hardware statistics with different numcounters values on chipgenp5p7 devices. As a result, BNXTRENUMSTDCOUNTERS are used when allocating hwstats, which leads to an out-of-bounds write in bnxtrecopyerrstats(). The counters BNXTREREQCQEERROR, BNXTRERESPCQEERROR, and BNXTRERESPREMOTEACCESSERRS are applicable to generic hardware, not only p5/p7 devices. Fix this by moving these counters before BNXTREOUTOFSEQ_ERR so they are included in the generic counter set.

Package Versions Affected

No items found.

Automatically patch vulnerabilities without upgrading

Fix Without Upgrading

Detect compatible fix

Apply safe remediation

Fix with a single pull request

CVSS Version

3.1

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Related Resources

No items found.

References

https://security-tracker.debian.org/tracker/CVE-2025-71092

Severity

7.8

CVSS Score

Basic Information

Ecosystem

Base CVSS

7.8

EPSS Probability

EPSS Percentile

Introduced Version

Fix Available

6.18.5-1

Fix Critical Vulnerabilities Instantly

Secure your app without upgrading.

Fix Without Upgrading

Get a Demo

Let's Patch It!

DEBIAN-CVE-2025-71092

DEBIAN-CVE-2025-71092

Package Versions Affected

Automatically patch vulnerabilities without upgrading

CVSS Version

Related Resources

References

Severity

7.8

Basic Information

Fix Critical Vulnerabilities Instantly