SB20251015121 - Input validation error in Linux kernel intel i40e driver
Published: October 15, 2025
Security Bulletin ID
SB20251015121
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Input validation error (CVE-ID: CVE-2025-39973)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the i40e_config_vsi_tx_queue() and i40e_config_vsi_rx_queue() functions in drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/0543d40d6513cdf1c7882811086e59a6455dfe97
- https://git.kernel.org/stable/c/05fe81fb9db20464fa532a3835dc8300d68a2f84
- https://git.kernel.org/stable/c/45a7527cd7da4cdcf3b06b5c0cb1cae30b5a5985
- https://git.kernel.org/stable/c/55d225670def06b01af2e7a5e0446fbe946289e8
- https://git.kernel.org/stable/c/7d749e38dd2b7e8a80da2ca30c93e09de95bfcf9
- https://git.kernel.org/stable/c/afec12adab55d10708179a64d95d650741e60fe0
- https://git.kernel.org/stable/c/c0c83f4cd074b75cecef107bfc349be7d516c9c4
- https://git.kernel.org/stable/c/d3b0d3f8d11fa957171fbb186e53998361a88d4e