CVE-2025-71086
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
13/01/2026
Last modified:
14/01/2026
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
net: rose: fix invalid array index in rose_kill_by_device()<br />
<br />
rose_kill_by_device() collects sockets into a local array[] and then<br />
iterates over them to disconnect sockets bound to a device being brought<br />
down.<br />
<br />
The loop mistakenly indexes array[cnt] instead of array[i]. For cnt
Impact
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/1418c12cd3bba79dc56b57b61c99efe40f579981
- https://git.kernel.org/stable/c/6595beb40fb0ec47223d3f6058ee40354694c8e4
- https://git.kernel.org/stable/c/92d900aac3a5721fb54f3328f1e089b44a861c38
- https://git.kernel.org/stable/c/9f6185a32496834d6980b168cffcccc2d6b17280
- https://git.kernel.org/stable/c/b409ba9e1e63ccf3ab4cc061e33c1f804183543e