IM
IronMonkey Threat Research

CVE-2025-71112 HIGH

Published: 2026-01-14 | Last Modified: 2026-07-14 | Status: Modified

Description

In the Linux kernel, the following vulnerability has been resolved: net: hns3: add VLAN id validation before using Currently, the VLAN id may be used without validation when receive a VLAN configuration mailbox from VF. The length of vlan_del_fail_bmap is BITS_TO_LONGS(VLAN_N_VID). It may cause out-of-bounds memory access once the VLAN id is bigger than or equal to VLAN_N_VID. Therefore, VLAN id needs to be checked to ensure it is within the range of VLAN_N_VID.

Additional Descriptions (1)

En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: net: hns3: añadir validación de ID de VLAN antes de usar Actualmente, el ID de VLAN puede ser usado sin validación cuando se recibe un buzón de configuración de VLAN desde VF. La longitud de vlan_del_fail_bmap es BITS_TO_LONGS(VLAN_N_VID). Puede causar acceso a memoria fuera de límites una vez que el ID de VLAN es mayor o igual que VLAN_N_VID. Por lo tanto, el ID de VLAN necesita ser verificado para asegurar que está dentro del rango de VLAN_N_VID.

CVSS Metrics

Base Score: 7.1 (HIGH)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Attack VectorLOCAL
Attack ComplexityLOW
Privileges RequiredLOW
User InteractionNONE
ScopeUNCHANGED
Confidentiality ImpactHIGH
Integrity ImpactNONE
Availability ImpactHIGH

Source: [email protected]

Type: Primary

Exploitability Score: 1.8

Impact Score: 5.2

Weaknesses

Source Type Description
[email protected] Primary
en CWE-125

Affected Products

Vendor Product Version Update Type
linux linux_kernel * <built-in method update of dict object at 0x702bcc125280> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702bcc126200> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702bcc127bc0> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702bcc125040> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702bcc1248c0> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702b829a46c0> Operating System
linux linux_kernel 5.3 <built-in method update of dict object at 0x702bcc127fc0> Operating System
linux linux_kernel 6.19 <built-in method update of dict object at 0x702bcc127440> Operating System
linux linux_kernel 6.19 <built-in method update of dict object at 0x702bcc125980> Operating System
linux linux_kernel 6.19 <built-in method update of dict object at 0x702bcc125c00> Operating System
linux linux_kernel 6.19 <built-in method update of dict object at 0x702bdd6ada80> Operating System
linux linux_kernel 6.19 <built-in method update of dict object at 0x702bcc126d80> Operating System
linux linux_kernel 6.19 <built-in method update of dict object at 0x702bddf48100> Operating System
linux linux_kernel 6.19 <built-in method update of dict object at 0x702bde536680> Operating System
linux linux_kernel 6.19 <built-in method update of dict object at 0x702bcc124cc0> Operating System

Affected Configurations

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:5.3:-:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:6.19:rc1:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:6.19:rc2:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:6.19:rc3:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:6.19:rc4:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:6.19:rc5:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:6.19:rc6:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:6.19:rc7:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:6.19:rc8:*:*:*:*:*:*

References

Notification
Message here