CVE-2025-71092 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-71092 PUBLISHED CVSS 7.800000190734863 HIGH

In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix OOB write in bnxt_re_copy_err_stats() Commit ef56081d1864 ("RDMA/bnxt_re: RoCE related hardware counters update") added three new counters and placed them after BNXT_RE_OUT_OF_SEQ_ERR. BNXT_RE_OUT_OF_SEQ_ERR acts as a boundary marker for allocating hardware statistics with different num_counters values on chip_gen_p5_p7 devices. As a result, BNXT_RE_NUM_STD_COUNTERS are used when allocating hw_stats, which leads to an out-of-bounds write in bnxt_re_copy_err_stats(). The counters BNXT_RE_REQ_CQE_ERROR, BNXT_RE_RESP_CQE_ERROR, and BNXT_RE_RESP_REMOTE_ACCESS_ERRS are applicable to generic hardware, not only p5/p7 devices. Fix this by moving these counters before BNXT_RE_OUT_OF_SEQ_ERR so they are included in the generic counter set.

EPSS 0.03% · 7.6th percentile

Risk Scores

CVSS v3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score

0.03%

7.6th percentile

Affected Products

Vendor	Product	Versions
linux	linux_kernel	6.19, 6.19, 6.19
Linux	Linux	ef56081d1864582a6db50710733416c0510b7826, 6.18, 0

Timeline

Jan 13, 2026 CVE ID Reserved
Jan 13, 2026 CVE Published
Jan 14, 2026 EPSS Score
Jan 16, 2026 EPSS Score
Jan 19, 2026 EPSS Score
Jan 21, 2026 EPSS Score
Jan 24, 2026 EPSS Score
Jan 26, 2026 EPSS Score
Jan 28, 2026 EPSS Score
Jan 31, 2026 EPSS Score
Feb 2, 2026 EPSS Score
Feb 5, 2026 EPSS Score

References

Open in Interactive Console →