Linux Kernel OcteonTX2-PF UBSAN Shift-Out-Of-Bounds Error Vulnerability Fix

Vulnerability

A vulnerability in the Linux kernel's OcteonTX2-PF driver allowed users to set the RX ring size below the minimum requirement, leading to a shift-out-of-bounds error. This issue occurred when small or zero ring sizes were specified using ethtool. The vulnerability has been addressed by ensuring that the RX ring size is not set below the allowed minimum.

Impact

The vulnerability could cause a shift-out-of-bounds error, which can lead to undefined behavior in the kernel, potentially allowing for memory corruption or other unintended consequences.

Reproduction

To reproduce this vulnerability on a kernel without the fix, use ethtool to set the RX ring size to a value smaller than the minimum requirement of 16. This triggers the UBSAN shift-out-of-bounds error, because the driver does not properly validate the ring size before applying it.

Remediation

The vulnerability has been fixed in the Linux kernel. Users should upgrade to the latest version where this issue has been addressed.
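The failure mode and the clamp-before-shift fix pattern described above, as an added example that is a simplified user-space model and not the driver's own code. The size encoding (16 << (2 * code)), the upper bound and all function names are assumptions made for illustration; only the minimum of 16 comes from this advisory.

```c
#include <stdint.h>
#include <stdio.h>

#define RX_RING_MIN 16u          /* minimum RX ring size stated in the advisory */
#define RX_RING_MAX (1u << 20)   /* assumed upper bound for this model */

/* floor(log2(v)); returns -1 for v == 0, where the logarithm is undefined. */
static int ilog2_u32(uint32_t v)
{
    int n = -1;
    for (; v; v >>= 1)
        n++;
    return n;
}

/* Assumed encoding: a ring of 16 << (2 * code) entries is stored as `code`. */
static int ring_size_code(uint32_t entries)
{
    return (ilog2_u32(entries) - 4) / 2;
}

/* Shift exponent an unvalidated request would produce. A negative result
 * means the later `16 << exponent` is undefined behaviour, which is what
 * UBSAN reports as shift-out-of-bounds. */
int unchecked_shift_exponent(uint32_t requested)
{
    return 2 * ring_size_code(requested);
}

/* Hardened path: clamp to the supported range before any shift is computed. */
uint32_t rx_ring_entries(uint32_t requested)
{
    if (requested < RX_RING_MIN)
        requested = RX_RING_MIN;
    if (requested > RX_RING_MAX)
        requested = RX_RING_MAX;
    return RX_RING_MIN << (2 * ring_size_code(requested));
}

int main(void)
{
    const uint32_t samples[] = { 0, 1, 3, 16, 100, 4096 };  /* constructed inputs */
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("requested=%u unchecked_exponent=%d clamped_entries=%u\n",
               samples[i], unchecked_shift_exponent(samples[i]),
               rx_ring_entries(samples[i]));
    return 0;
}
```

In this model a request of 0 or 1 yields a negative exponent on the unchecked path, while the clamped path always returns a value between 16 and the assumed maximum.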

Added: Jan 14, 2026, 3:28 PM
Updated: Jan 14, 2026, 4:38 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 3.4
remediation: 7.7
relevance: 2.1
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.