CVE-2025-71068

HIGH EPSS 2.9%
Published Jan 13, 20265mo ago · Modified Jun 17, 20262w ago
7.8 CVSS 3.1
High
Find Similar
Published Jan 13, 2026 5mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: svcrdma: bound check rq_pages index in inline path svc_rdma_copy_inline_range indexed rqstp->rq_pages[rc_curpage] without verifying rc_curpage stays within the allocated page array. Add guards before the first use and after advancing to a new page.

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
2.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 12

VendorProductVersionRange
linuxlinux_kernel*≥5.11  –  <5.15.198
linuxlinux_kernel*≥6.0  –  <6.6.120
linuxlinux_kernel*≥6.12  –  <6.12.64
linuxlinux_kernel*≥6.18  –  <6.18.3
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any

References 5

  • git.kernel.org https://git.kernel.org/stable/c/5f140b525180c628db8fa6c897f138194a2de417
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7ba826aae1d43212f3baa53a2175ad949e21926e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a22316f5e9a29e4b92030bd8fb9435fe0eb1d5c9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d1bea0ce35b6095544ee82bb54156fc62c067e58
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/da1ccfc4c452541584a4eae89e337cfa21be6d5a
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/5f140b525180c628db8fa6c897f138194a2de417
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7ba826aae1d43212f3baa53a2175ad949e21926e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a22316f5e9a29e4b92030bd8fb9435fe0eb1d5c9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d1bea0ce35b6095544ee82bb54156fc62c067e58
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/da1ccfc4c452541584a4eae89e337cfa21be6d5a
    Patch