Linux Kernel i40e Driver Integer Underflow Vulnerability Leading to Invalid MMIO Write

Vulnerability

A vulnerability in the Linux kernel's i40e network driver has been identified, where certain input from the device can cause an integer underflow. This underflow allows for Memory-Mapped Input/Output (MMIO) write access to an invalid memory page. The issue has been addressed by modifying the variable types involved to prevent the underflow.

Impact

Exploitation of this vulnerability could lead to unauthorized MMIO write operations on invalid memory pages, potentially causing memory corruption or other unintended behavior in the kernel.

Added: Jul 4, 2025, 3:27 PM

Updated: Jul 4, 2025, 3:27 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel i40e Driver Integer Underflow Vulnerability Leading to Invalid MMIO Write

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating