CVE-2025-71092

UNKNOWN 0.0

RDMA/bnxt_re: Fix OOB write in bnxt_re_copy_err_stats()

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix OOB write in bnxt_re_copy_err_stats() Commit ef56081d1864 ("RDMA/bnxt_re: RoCE related hardware counters update") added three new counters and placed them after BNXT_RE_OUT_OF_SEQ_ERR. BNXT_RE_OUT_OF_SEQ_ERR acts as a boundary marker for allocating hardware statistics with different num_counters values on chip_gen_p5_p7 devices. As a result, BNXT_RE_NUM_STD_COUNTERS are used when allocating hw_stats, which leads to an out-of-bounds write in bnxt_re_copy_err_stats(). The counters BNXT_RE_REQ_CQE_ERROR, BNXT_RE_RESP_CQE_ERROR, and BNXT_RE_RESP_REMOTE_ACCESS_ERRS are applicable to generic hardware, not only p5/p7 devices. Fix this by moving these counters before BNXT_RE_OUT_OF_SEQ_ERR so they are included in the generic counter set.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Jan 13, 2026
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

ef56081d1864582a6db50710733416c0510b7826 < 369a161c48723f60f06f3510b82ea7d96d0499ab ef56081d1864582a6db50710733416c0510b7826 < 9b68a1cc966bc947d00e4c0df7722d118125aa37

Linux / Linux

6.18

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/369a161c48723f60f06f3510b82ea7d96d0499ab git.kernel.org: https://git.kernel.org/stable/c/9b68a1cc966bc947d00e4c0df7722d118125aa37