DEBIAN-CVE-2025-71133

In the Linux kernel, the following vulnerability has been resolved:  RDMA/irdma: avoid invalid read in irdmanetevent  irdmanetevent() should not dereference anything from "neigh" (alias "ptr") until it has checked that the event is NETEVENTNEIGHUPDATE. Other events come with different structures pointed to by "ptr" and they may be smaller than struct neighbour.  Move the read of neigh->dev under the NETEVENTNEIGHUPDATE case.  The bug is mostly harmless, but it triggers KASAN on debug kernels:   BUG: KASAN: stack-out-of-bounds in irdmanetevent+0x32e/0x3b0 [irdma]  Read of size 8 at addr ffffc900075e07f0 by task kworker/27:2/542554   CPU: 27 PID: 542554 Comm: kworker/27:2 Kdump: loaded Not tainted 5.14.0-630.el9.x8664+debug #1  Hardware name: [...]  Workqueue: events rt6probedeferred  Call Trace:   <IRQ>   dumpstacklvl+0x60/0xb0   printaddressdescription.constprop.0+0x2c/0x3f0   printreport+0xb4/0x270   kasanreport+0x92/0xc0   irdmanetevent+0x32e/0x3b0 [irdma]   notifiercallchain+0x9e/0x180   atomicnotifiercallchain+0x5c/0x110   rt6doredirect+0xb91/0x1080   tcpv6err+0xe9b/0x13e0   icmpv6notify+0x2b2/0x630   ndiscredirectrcv+0x328/0x530   icmpv6rcv+0xc16/0x1360   ip6protocoldeliverrcu+0xb84/0x12e0   ip6inputfinish+0x117/0x240   ip6input+0xc4/0x370   ipv6rcv+0x420/0x7d0   netifreceiveskbonecore+0x118/0x1b0   processbacklog+0xd1/0x5d0   _napipoll.constprop.0+0xa3/0x440   netrxaction+0x78a/0xba0   handlesoftirqs+0x2d4/0x9c0   dosoftirq+0xad/0xe0   </IRQ>