CVE-2025-71087
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
13/01/2026
Last modified:
14/01/2026
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
iavf: fix off-by-one issues in iavf_config_rss_reg()<br />
<br />
There are off-by-one bugs when configuring RSS hash key and lookup<br />
table, causing out-of-bounds reads to memory [1] and out-of-bounds<br />
writes to device registers.<br />
<br />
Before commit 43a3d9ba34c9 ("i40evf: Allow PF driver to configure RSS"),<br />
the loop upper bounds were:<br />
i
Impact
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/18de0e41d69d97fab10b91fecf10ae78a5e43232
- https://git.kernel.org/stable/c/3095228e1320371e143835d0cebeef1a8a754c66
- https://git.kernel.org/stable/c/6daa2893f323981c7894c68440823326e93a7d61
- https://git.kernel.org/stable/c/d7369dc8dd7cbf5cee3a22610028d847b6f02982
- https://git.kernel.org/stable/c/f36de3045d006e6d9be1be495f2ed88d1721e752