CVE-2025-39970

Summary

In the Linux kernel, the following vulnerability has been resolved:

i40e: fix input validation logic for action_meta

Fix condition to check 'greater or equal' to prevent OOB dereference.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxe284fc280473bed23f2e1ed324e102a48f7d17e1 < a88c1b2746eccf00e2094b187945f0f1e990b400affected
LinuxLinuxe284fc280473bed23f2e1ed324e102a48f7d17e1 < 28465770ca3b694286ff9ed6dfd558413f57d98faffected
LinuxLinuxe284fc280473bed23f2e1ed324e102a48f7d17e1 < f8c8e11825b24661596fa8db2f0981ba17ed0817affected
LinuxLinuxe284fc280473bed23f2e1ed324e102a48f7d17e1 < 461e0917eedcd159d87f3ea846754a1e07d7e78aaffected
LinuxLinuxe284fc280473bed23f2e1ed324e102a48f7d17e1 < 3883e9702b6a4945e93b16c070f338a9f5b496f9affected
LinuxLinuxe284fc280473bed23f2e1ed324e102a48f7d17e1 < 3118f41d8fa57b005f53ec3db2ba5eab1d7ba12baffected
LinuxLinuxe284fc280473bed23f2e1ed324e102a48f7d17e1 < 560e1683410585fbd5df847f43433c4296f0d222affected
LinuxLinuxe284fc280473bed23f2e1ed324e102a48f7d17e1 < 9739d5830497812b0bdeaee356ddefbe60830b88affected
LinuxLinux4.17affected
LinuxLinux0 < 4.17unaffected
LinuxLinux5.4.300 <= 5.4.*unaffected
LinuxLinux5.10.245 <= 5.10.*unaffected
LinuxLinux5.15.194 <= 5.15.*unaffected
LinuxLinux6.1.155 <= 6.1.*unaffected
LinuxLinux6.6.109 <= 6.6.*unaffected
LinuxLinux6.12.50 <= 6.12.*unaffected
LinuxLinux6.16.10 <= 6.16.*unaffected
LinuxLinux6.17 <= *unaffected

Weaknesses

References