Linux Kernel RDMA/bnxt_re Maximum Scatter-Gather Elements Vulnerability

Vulnerability

A vulnerability in the Linux kernel's RDMA/bnxt_re component has been addressed, concerning the maximum number of scatter-gather elements (SGEs) for Work Requests. The P7 version currently supports up to 13 SGEs, but the Work Queue Entry (WQE) software structure can only accommodate 6. This mismatch allows the stack to process requests with up to 13 SGEs, leading to traffic failures and system crashes. The vulnerability arose because the maximum SGE limit was not properly defined for variable-sized WQEs, causing issues for both static and variable WQEs.

Impact

Exploitation of this vulnerability could result in traffic failures and system crashes.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel RDMA/bnxt_re Maximum Scatter-Gather Elements Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating