CVE-2025-71092

Published: Jan 13, 2026

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix OOB write in bnxt_re_copy_err_stats() Commit ef56081d1864 ("RDMA/bnxt_re: RoCE related hardware counters update") added three new counters and placed them after BNXT_RE_OUT_OF_SEQ_ERR. BNXT_RE_OUT_OF_SEQ_ERR acts as a boundary marker for allocating hardware statistics with different num_counters values on chip_gen_p5_p7 devices. As a result, BNXT_RE_NUM_STD_COUNTERS are used when allocating hw_stats, which leads to an out-of-bounds write in bnxt_re_copy_err_stats(). The counters BNXT_RE_REQ_CQE_ERROR, BNXT_RE_RESP_CQE_ERROR, and BNXT_RE_RESP_REMOTE_ACCESS_ERRS are applicable to generic hardware, not only p5/p7 devices. Fix this by moving these counters before BNXT_RE_OUT_OF_SEQ_ERR so they are included in the generic counter set.

Vendor	Product	Versions
Linux	Linux	affected `ef56081d1864582a6db50710733416c0510b7826 - < 369a161c48723f60f06f3510b82ea7d96d0499ab` affected `ef56081d1864582a6db50710733416c0510b7826 - < 9b68a1cc966bc947d00e4c0df7722d118125aa37`
Linux	Linux	affected `6.18` unaffected `0 - < 6.18` unaffected `6.18.4 - <= 6.18.` unaffected `6.19 - <= `

References

https://git.kernel.org/stable/c/369a161c48723f60f06f3510b82ea7d96d0499ab

https://git.kernel.org/stable/c/9b68a1cc966bc947d00e4c0df7722d118125aa37

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-71092

Description

Affected Products

References