VDB
DEBIAN-CVE-2025-71086
DEBIAN-CVE-2025-71086
PUBLISHED
CVSS 7.800000190734863 HIGH
In the Linux kernel, the following vulnerability has been resolved: net: rose: fix invalid array index in rose_kill_by_device() rose_kill_by_device() collects sockets into a local array[] and then iterates over them to disconnect sockets bound to a device being brought down. The loop mistakenly indexes array[cnt] instead of array[i]. For cnt < ARRAY_SIZE(array), this reads an uninitialized entry; for cnt == ARRAY_SIZE(array), it is an out-of-bounds read. Either case can lead to an invalid socket pointer dereference and also leaks references taken via sock_hold(). Fix the index to use i.
Risk Scores
CVSS v3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | linux-6.1 | 6.1.159-1, 6.1.158-1, 6.1.153-1 |
| Debian:14 | linux | 6.16.12-1, 6.17.13-1, * |
| Debian:12 | linux | 6.1.106-1, 0, 6.1.106-1 |
| Debian:11 | linux | 5.10.46-5, 5.10.127-2, 5.10.140-1 |
| Debian | linux | |
| Debian:13 | linux | 6.12.63-1, 6.12.63-1, 6.12.57-1 |
Timeline
- Jan 13, 2026 CVE Published
- Apr 28, 2026 CVE Updated