Linux Kernel Out-of-Bounds Access Vulnerability in ICE Queue Quanta Validation

Vulnerability

A vulnerability in the Linux kernel's ICE (Intelligent Controller Engine) component has been addressed. The issue involved improper validation of queue quanta parameters, which could lead to out-of-bounds access. The vulnerability allowed for queue wraparound in quanta configuration, potentially causing unintended behavior. The fix ensures that the end queue ID does not overflow by validating the start queue ID and the number of queues.

Impact

Exploitation of this vulnerability could lead to out-of-bounds access, potentially allowing for memory corruption or other unintended consequences.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Out-of-Bounds Access Vulnerability in ICE Queue Quanta Validation

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating