CVE-2025-39973
BaseFortify
Publication date: 2025-10-15
Last updated on: 2025-10-16
Assigner: kernel.org
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves the Linux kernel's i40e driver where the 'ring_len' parameter provided by a virtual function (VF) was assigned directly to the hardware memory context (HMC) without validation. This could allow invalid or malicious values to be used. The fix introduced validation by adding an upper boundary check for both transmit (Tx) and receive (Rx) queue lengths, limiting them to a maximum supported by the hardware (8k-32 descriptors), and enforcing alignment constraints (Tx rings must be multiples of 8, Rx rings multiples of 32).
How can this vulnerability impact me?
If exploited, this vulnerability could allow a virtual function to set invalid or out-of-bound ring lengths, potentially causing hardware memory corruption, instability, or denial of service in the network driver. This could impact system reliability and network performance.
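The check the answer describes, written out as an added stand-alone C illustration (not code from this page or from the kernel's i40e driver): the VF-supplied ring length is bounded to 8k-32 descriptors and checked for the Tx/Rx alignment rules before it is written to the queue context, and the unchecked pre-fix behaviour is shown beside it. The struct, enum, macro names and the -EINVAL return are assumptions made for the example; rejecting a zero length is also an added assumption, since the page only describes the upper bound and alignment checks.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>

/* Limits as described in the advisory text. The macro names are illustrative,
 * not the kernel's own identifiers. */
#define MAX_RING_LEN     (8 * 1024 - 32)  /* 8k-32 = 8160 descriptors */
#define TX_RING_MULTIPLE 8                /* Tx rings: multiples of 8 */
#define RX_RING_MULTIPLE 32               /* Rx rings: multiples of 32 */

/* Constructed stand-in for the HMC queue context the driver programs. */
struct hmc_queue_ctx {
    uint16_t qlen;  /* descriptor count written to hardware */
};

enum ring_kind { RING_TX, RING_RX };

/* Returns true when a VF-supplied ring length is in range and aligned.
 * Rejecting zero is an assumption added here; the page only describes the
 * upper bound and the alignment rules. */
bool ring_len_valid(enum ring_kind kind, uint16_t ring_len)
{
    uint16_t multiple = (kind == RING_TX) ? TX_RING_MULTIPLE : RX_RING_MULTIPLE;

    if (ring_len == 0 || ring_len > MAX_RING_LEN)
        return false;
    return (ring_len % multiple) == 0;
}

/* Pre-fix behaviour as the advisory describes it: the untrusted value is
 * copied straight into the context with no validation. */
void configure_queue_unchecked(struct hmc_queue_ctx *ctx, uint16_t ring_len)
{
    ctx->qlen = ring_len;
}

/* Post-fix behaviour: validate first, fail closed with -EINVAL (an assumed
 * error code), and leave the context untouched on rejection. */
int configure_queue_checked(struct hmc_queue_ctx *ctx, enum ring_kind kind,
                            uint16_t ring_len)
{
    if (!ring_len_valid(kind, ring_len))
        return -EINVAL;
    ctx->qlen = ring_len;
    return 0;
}
```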