CVE-2025-71137

Summary

In the Linux kernel, the following vulnerability has been resolved:

octeontx2-pf: fix "UBSAN: shift-out-of-bounds error"

This patch ensures that the RX ring size (rx_pending) is not set below the permitted length. This avoids UBSAN shift-out-of-bounds errors when users passes small or zero ring sizes via ethtool -G.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxd45d8979840d9c9ac93d3fe8cfc8e794b7228445 < 5d8dfa3abb9a845302e021cf9c92d941abbc011aaffected
LinuxLinuxd45d8979840d9c9ac93d3fe8cfc8e794b7228445 < 4cc4cfe4d23c883120b6f3d41145edbaa281f2abaffected
LinuxLinuxd45d8979840d9c9ac93d3fe8cfc8e794b7228445 < 658caf3b8aad65f8b8e102670ca4f68c7030f655affected
LinuxLinuxd45d8979840d9c9ac93d3fe8cfc8e794b7228445 < b23a2e15589466a027c9baa3fb5813c9f6a6c6dcaffected
LinuxLinuxd45d8979840d9c9ac93d3fe8cfc8e794b7228445 < aa743b0d98448282b2cb37356db8db2a48524624affected
LinuxLinuxd45d8979840d9c9ac93d3fe8cfc8e794b7228445 < 442848e457f5a9f71a4e7e14d24d73dae278ebe3affected
LinuxLinuxd45d8979840d9c9ac93d3fe8cfc8e794b7228445 < 85f4b0c650d9f9db10bda8d3acfa1af83bf78cf7affected
LinuxLinux5.6affected
LinuxLinux0 < 5.6unaffected
LinuxLinux5.10.248 <= 5.10.*unaffected
LinuxLinux5.15.198 <= 5.15.*unaffected
LinuxLinux6.1.160 <= 6.1.*unaffected
LinuxLinux6.6.120 <= 6.6.*unaffected
LinuxLinux6.12.64 <= 6.12.*unaffected
LinuxLinux6.18.4 <= 6.18.*unaffected
LinuxLinux6.19 <= *unaffected

Weaknesses

References