CVE-2025-39971

Summary

In the Linux kernel, the following vulnerability has been resolved:

i40e: fix idx validation in config queues msg

Ensure idx is within range of active/initialized TCs when iterating over vf->ch[idx] in i40e_vc_config_queues_msg().

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxc27eac48160de72dee33d42b5a33cc7b8a2eb1f5 < a6ff2af78343eceb0f77ab1a2fe802183bc21648affected
LinuxLinuxc27eac48160de72dee33d42b5a33cc7b8a2eb1f5 < f5f91d164af22e7147130ef8bebbdb28d8ecc6e2affected
LinuxLinuxc27eac48160de72dee33d42b5a33cc7b8a2eb1f5 < 1fa0aadade34481c567cdf4a897c0d4e4d548bd1affected
LinuxLinuxc27eac48160de72dee33d42b5a33cc7b8a2eb1f5 < 8b9c7719b0987b1c6c5fc910599f3618a558dbdeaffected
LinuxLinuxc27eac48160de72dee33d42b5a33cc7b8a2eb1f5 < 2cc26dac0518d2fa9b67ec813ee60e183480f98aaffected
LinuxLinuxc27eac48160de72dee33d42b5a33cc7b8a2eb1f5 < bfcc1dff429d4b99ba03e40ddacc68ea4be2b32baffected
LinuxLinuxc27eac48160de72dee33d42b5a33cc7b8a2eb1f5 < 5c1f96123113e0bdc6d8dc2b0830184c93da9f65affected
LinuxLinuxc27eac48160de72dee33d42b5a33cc7b8a2eb1f5 < f1ad24c5abe1eaef69158bac1405a74b3c365115affected
LinuxLinux4.17affected
LinuxLinux0 < 4.17unaffected
LinuxLinux5.4.300 <= 5.4.*unaffected
LinuxLinux5.10.245 <= 5.10.*unaffected
LinuxLinux5.15.194 <= 5.15.*unaffected
LinuxLinux6.1.155 <= 6.1.*unaffected
LinuxLinux6.6.109 <= 6.6.*unaffected
LinuxLinux6.12.50 <= 6.12.*unaffected
LinuxLinux6.16.10 <= 6.16.*unaffected
LinuxLinux6.17 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References