Out-of-Bounds Dereference Vulnerability in Linux Kernel i40e Component
CVE-2025-39970
What is CVE-2025-39970?
A vulnerability in the i40e component of the Linux kernel has been identified, which allows for potential out-of-bounds dereference due to improper input validation logic. The vulnerability arises from a failure to adequately check conditions, specifically whether inputs are 'greater or equal', leading to possible exploitation scenarios. This issue has been resolved through a patch that corrects the validation checks, thereby mitigating the associated risk. It is crucial for system administrators to ensure their systems are updated to the latest kernel version to protect against potential exploitation.
Affected Version(s)
Linux e284fc280473bed23f2e1ed324e102a48f7d17e1
Linux e284fc280473bed23f2e1ed324e102a48f7d17e1 < 28465770ca3b694286ff9ed6dfd558413f57d98f
Linux e284fc280473bed23f2e1ed324e102a48f7d17e1