CVE-2025-22112

Summary

In the Linux kernel, the following vulnerability has been resolved:

eth: bnxt: fix out-of-range access of vnic_info array

The bnxt_queue_{start | stop}() access vnic_info as much as allocated, which indicates bp->nr_vnics. So, it should not reach bp->vnic_info[bp->nr_vnics].

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxa6604717850e4c0fe39bd6084cfbc1bfc445d2b5 < e1724f07693439deaa413ebc2a2640325cf247f5affected
LinuxLinux661958552eda5bf64bfafb4821cbdded935f1f68 < b1e081d331ab3a0dea25425f2b6ddeb365fc9d22affected
LinuxLinux661958552eda5bf64bfafb4821cbdded935f1f68 < 919f9f497dbcee75d487400e8f9815b74a6a37dfaffected
LinuxLinuxb730dcab64d5f113af347cf8de696dab6ce88542affected
LinuxLinux6.12.20 < 6.12.35affected
LinuxLinux6.13.8 < 6.14affected
LinuxLinux6.14affected
LinuxLinux0 < 6.14unaffected
LinuxLinux6.12.35 <= 6.12.*unaffected
LinuxLinux6.14.2 <= 6.14.*unaffected
LinuxLinux6.15 <= *unaffected

Weaknesses

References