Linux Kernel ntb_hw_switchtec Shift-Out-Of-Bounds Vulnerability

Vulnerability

A shift-out-of-bounds vulnerability has been identified in the Linux kernel's ntb_hw_switchtec component. This issue arises in the ntb_mw_set_trans function, where the ntb_mw_clear_trans API incorrectly passes zero values for both address and size. This mismanagement leads to a negative xlate_pos, triggering the shift-out-of-bounds condition. The vulnerability has been addressed by ensuring that xlate_pos remains positive or zero before applying the BIT operation.

Impact

Exploitation of this vulnerability could lead to undefined behavior, potentially allowing for memory corruption or other unintended consequences due to the out-of-bounds shift operation.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel ntb_hw_switchtec Shift-Out-Of-Bounds Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating