CVE-2025-68816

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
13/01/2026
Last modified:
19/01/2026

Description

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5: fw_tracer, Validate format string parameters

Add validation for format string parameters in the firmware tracer to prevent potential security vulnerabilities and crashes from malformed format strings received from firmware.

The firmware tracer receives format strings from the device firmware and uses them to format trace messages. Without proper validation, bad firmware could provide format strings with invalid format specifiers (e.g., %s, %p, %n) that could lead to crashes, or other undefined behavior.

Add mlx5_tracer_validate_params() to validate that all format specifiers in trace strings are limited to safe integer/hex formats (%x, %d, %i, %u, %llx, %lx, etc.). Reject strings containing other format types that could be used to access arbitrary memory or cause crashes. Invalid format strings are added to the trace output for visibility with "BAD_FORMAT: " prefix.
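As an added illustration of the rule the description states (this is example code, not the kernel's mlx5_tracer_validate_params() or any code from the patch), the C below walks each conversion in a firmware-supplied format string, accepts only integer/hex conversions with their usual flags, width, precision and length modifiers, and rejects everything else, including %s, %p, %n and a truncated trailing "%"; a rejected string is emitted verbatim behind the "BAD_FORMAT: " prefix instead of being interpreted. The function names tracer_format_is_safe and tracer_render_fmt are assumed.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical validator, not the kernel's mlx5_tracer_validate_params():
 * true only if every conversion in fmt is an integer/hex one (%d %i %u %x %X,
 * optionally with flags, width, precision and h/l/ll/z length modifiers).
 * "%%" is a literal percent; a "*" width is rejected as it consumes an arg. */
static bool tracer_format_is_safe(const char *fmt)
{
	const char *p = fmt;
	while ((p = strchr(p, '%')) != NULL) {
		if (*++p == '%') {			/* "%%" */
			p++;
			continue;
		}
		while (*p && strchr("-+ #0", *p))	/* flags (*p guard: strchr */
			p++;				/* would also match '\0') */
		while (*p >= '0' && *p <= '9')		/* width */
			p++;
		if (*p == '.')				/* precision */
			while (*++p >= '0' && *p <= '9')
				;
		while (*p == 'h' || *p == 'l' || *p == 'z')	/* length */
			p++;
		switch (*p) {
		case 'd': case 'i': case 'u': case 'x': case 'X':
			p++;
			break;
		default:	/* %s %p %n %c %f, "*", or a trailing bare "%" */
			return false;
		}
	}
	return true;
}
/* Line a tracer would emit: an unsafe format is never interpreted, it is
 * copied verbatim behind a "BAD_FORMAT: " marker, as the fix describes. */
static int tracer_render_fmt(char *out, size_t cap, const char *fmt)
{
	return snprintf(out, cap, "%s%s",
			tracer_format_is_safe(fmt) ? "" : "BAD_FORMAT: ", fmt);
}
int main(void)
{
	char line[64];
	tracer_render_fmt(line, sizeof(line), "name %s");
	puts(line);	/* prints "BAD_FORMAT: name %s" */
	return 0;
}
```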

Impact