Linux Kernel BNXT Driver Out-of-Range Access Vulnerability in VNIC Info Array

Vulnerability

A vulnerability in the Linux kernel's BNXT driver has been addressed, concerning an out-of-range access issue with the vnic_info array. The problem arose because the bnxt_queue_start and bnxt_queue_stop functions accessed the vnic_info array based on the number of virtual NICs allocated, which could lead to accessing memory beyond the allocated range. This vulnerability has been resolved by ensuring that the access to the vnic_info array does not exceed the allocated boundaries.

Impact

Exploitation of this vulnerability could lead to out-of-bounds memory access, potentially causing memory corruption or allowing for arbitrary code execution.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel BNXT Driver Out-of-Range Access Vulnerability in VNIC Info Array

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating