Shift-Out-of-Bounds Vulnerability in Linux Kernel Affecting Networking
CVE-2025-71137
What is CVE-2025-71137?
A vulnerability has been identified in the Linux kernel in the RX ring size management of the octeontx2-pf network driver. The flaw allows the RX ring size to be set to values below the permissible length. When a user passes small or zero values via ethtool -G, the driver triggers a UBSAN (Undefined Behavior Sanitizer) shift-out-of-bounds error. This issue underscores the importance of validating input parameters to ensure the stability and reliability of network operations.
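The failure mode described above, as an added example that is not the octeontx2-pf driver's code: a ring size taken from user input is turned into a shift count, and a range check rejects the values that would make that count negative. The limits, the size encoding and all function names are assumptions for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed limits for illustration; not the driver's real values. */
#define RING_MIN_ENTRIES 16u
#define RING_MAX_ENTRIES 1048576u

/* floor(log2(v)); returns -1 for v == 0 so the bad case stays visible. */
static int floor_log2(uint32_t v)
{
    int n = -1;
    while (v) {
        v >>= 1;
        n++;
    }
    return n;
}

/* Hypothetical hardware encoding: a ring holds 16 << (2 * code) entries. */
static int ring_size_code(uint32_t entries)
{
    return (floor_log2(entries) - 4) / 2;
}

/* Shift count an unchecked path would use; negative means undefined behaviour
 * if it reached a shift operator, which is what UBSAN reports. */
int unchecked_shift(uint32_t requested)
{
    return 2 * ring_size_code(requested);
}

/* Checked path: reject out-of-range requests before deriving the shift. */
int set_rx_ring_size(uint32_t requested, uint32_t *entries_out)
{
    if (requested < RING_MIN_ENTRIES || requested > RING_MAX_ENTRIES)
        return -EINVAL;
    *entries_out = 16u << (2 * ring_size_code(requested));
    return 0;
}

int main(void)
{
    uint32_t entries = 0;
    int rc = set_rx_ring_size(1000, &entries);
    printf("unchecked shift for 0: %d\n", unchecked_shift(0));
    printf("checked 1000 -> %d, entries %u\n", rc, entries);
    return 0;
}
```

Rejecting with -EINVAL is one choice; clamping the request up to the minimum is the other common one, and either keeps the shift count non-negative.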
Affected Version(s)
Linux d45d8979840d9c9ac93d3fe8cfc8e794b7228445 < 5d8dfa3abb9a845302e021cf9c92d941abbc011a
Linux d45d8979840d9c9ac93d3fe8cfc8e794b7228445 < 4cc4cfe4d23c883120b6f3d41145edbaa281f2ab
Linux d45d8979840d9c9ac93d3fe8cfc8e794b7228445 < 658caf3b8aad65f8b8e102670ca4f68c7030f655