CVE-2025-39973

NONE EPSS 9.1%
Published Oct 15, 20258mo ago · Modified Jun 17, 20261w ago
Find Similar
Published Oct 15, 2025 8mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: i40e: add validation for ring_len param The `ring_len` parameter provided by the virtual function (VF) is assigned directly to the hardware memory context (HMC) without any validation. To address this, introduce an upper boundary check for both Tx and Rx queue lengths. The maximum number of descriptors supported by the hardware is 8k-32. Additionally, enforce alignment constraints: Tx rings must be a multiple of 8, and Rx rings must be a multiple of 32.

Threat Intelligence

EPSS Exploit Probability
9.1% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 8

  • git.kernel.org https://git.kernel.org/stable/c/0543d40d6513cdf1c7882811086e59a6455dfe97
  • git.kernel.org https://git.kernel.org/stable/c/05fe81fb9db20464fa532a3835dc8300d68a2f84
  • git.kernel.org https://git.kernel.org/stable/c/45a7527cd7da4cdcf3b06b5c0cb1cae30b5a5985
  • git.kernel.org https://git.kernel.org/stable/c/55d225670def06b01af2e7a5e0446fbe946289e8
  • git.kernel.org https://git.kernel.org/stable/c/7d749e38dd2b7e8a80da2ca30c93e09de95bfcf9
  • git.kernel.org https://git.kernel.org/stable/c/afec12adab55d10708179a64d95d650741e60fe0
  • git.kernel.org https://git.kernel.org/stable/c/c0c83f4cd074b75cecef107bfc349be7d516c9c4
  • git.kernel.org https://git.kernel.org/stable/c/d3b0d3f8d11fa957171fbb186e53998361a88d4e

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.