CVE-2025-22112

HIGH

Linux kernel - Buffer Overflow

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: fix out-of-range access of vnic_info array The bnxt_queue_{start | stop}() access vnic_info as much as allocated, which indicates bp->nr_vnics. So, it should not reach bp->vnic_info[bp->nr_vnics].

References (3)

Core 3

Core References

Patch

https://git.kernel.org/stable/c/919f9f497dbcee75d487400e8f9815b74a6a37df

Patch

https://git.kernel.org/stable/c/b1e081d331ab3a0dea25425f2b6ddeb365fc9d22

Patch

https://git.kernel.org/stable/c/e1724f07693439deaa413ebc2a2640325cf247f5

Scores

CVSS v3 7.1

EPSS 0.0006

EPSS Percentile 18.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Details

CWE

CWE-125

Status published

Products (5)

linux/Kernel < 6.12.35linux

linux/Kernel 6.13.0 - 6.14.2linux

linux/linux_kernel 6.14 (2 CPE variants)

linux/linux_kernel 6.14.1

linux/linux_kernel 6.12.20 - 6.12.35

Published Apr 16, 2025

Tracked Since Feb 18, 2026