VYPR
Unrated severity · NVD Advisory · Published Oct 15, 2025 · Updated Apr 15, 2026

CVE-2025-39972

Description

In the Linux kernel, the following vulnerability has been resolved:

i40e: fix idx validation in i40e_validate_queue_map

Ensure idx is within range of active/initialized TCs when iterating over vf->ch[idx] in i40e_validate_queue_map().

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

In the Linux kernel's i40e driver, a missing index validation in i40e_validate_queue_map can lead to out-of-bounds access when iterating traffic class channels.

Vulnerability Overview

CVE-2025-39972 is a flaw in the Linux kernel's i40e network driver, specifically in the i40e_validate_queue_map() function. The function iterates over vf->ch[idx] without ensuring that idx is within the bounds of the active or initialized traffic classes (TCs). This missing validation can cause the driver to access memory outside the intended array, leading to undefined behavior.
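The kind of check the description calls for, as an added example in a simplified user-space model; this is not the i40e driver's code or the upstream patch. All names, sizes, and the sample data are hypothetical, and the model keeps the index inside the array so the unchecked variant is safe to run for comparison.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified user-space model; names and sizes are hypothetical, not the driver's. */
#define MODEL_MAX_TC        4  /* slots in the channel array */
#define MODEL_QUEUES_PER_TC 4  /* queue-map bits owned by each TC */

struct model_channel { uint16_t vsi_id, num_qps; };
struct model_vf {
    unsigned num_tc;                       /* TCs actually initialized */
    struct model_channel ch[MODEL_MAX_TC]; /* only ch[0..num_tc-1] are valid */
};

/* Walk the set bits of queuemap; check_idx selects the validated variant. */
static bool map_ok(const struct model_vf *vf, uint16_t queuemap, bool check_idx)
{
    for (unsigned bit = 0; bit < 16; bit++) {
        if (!(queuemap & (1u << bit)))
            continue;
        unsigned idx = bit / MODEL_QUEUES_PER_TC;
        /* The validation: idx must name an active TC, not just fit the array. */
        if (check_idx && idx >= vf->num_tc)
            return false;
        /* Without it, ch[idx] may be a slot that was never (re)initialized. */
        if (bit % MODEL_QUEUES_PER_TC >= vf->ch[idx].num_qps)
            return false;
    }
    return true;
}

static bool map_ok_unchecked(const struct model_vf *vf, uint16_t m) { return map_ok(vf, m, false); }
static bool map_ok_checked(const struct model_vf *vf, uint16_t m)   { return map_ok(vf, m, true); }

/* Constructed sample: two active TCs, slot 2 left holding stale data. */
static struct model_vf sample_vf(void)
{
    struct model_vf vf = { .num_tc = 2,
        .ch = { {1, 4}, {2, 2}, {99, 4}, {0, 0} } };
    return vf;
}

int main(void)
{
    struct model_vf vf = sample_vf();
    uint16_t map = 0x0100; /* bit 8 -> idx 2, beyond the two active TCs */
    printf("unchecked=%d checked=%d\n", map_ok_unchecked(&vf, map), map_ok_checked(&vf, map));
    return 0;
}
```

The unchecked variant accepts the map because the stale slot happens to look valid; the checked variant rejects it before the slot is read.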

Attack Vector and Prerequisites

Exploitation of this vulnerability requires local access to the system, as the function is invoked during the configuration of virtual functions (VFs) in the i40e driver. An attacker with the ability to set up VFs or influence their queue mapping could trigger the out-of-bounds access. No authentication is needed beyond the ability to interact with the VF setup, but physical or logical local access is necessary [1][2][3].

Impact

Successful exploitation could result in a denial of service (system crash or kernel panic) or potentially memory corruption, depending on the specific out-of-bounds read/write. The impact is primarily limited to system stability, as the driver runs in kernel space.

Mitigation

The fix has been applied in the upstream Linux kernel stable branches. Administrators should update their kernel to include the commit that adds the proper bounds check. No workaround is available without the patch [1][2][3].

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 1

Patches: 8

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References: 8
