Linux Kernel octeontx2-pf: Fix UBSAN shift OOB via ethtool
CVE-2025-71137 Published on January 14, 2026
octeontx2-pf: fix "UBSAN: shift-out-of-bounds error"
In the Linux kernel, the following vulnerability has been resolved:
octeontx2-pf: fix "UBSAN: shift-out-of-bounds error"
This patch ensures that the RX ring size (rx_pending) is not
set below the permitted length. This avoids UBSAN
shift-out-of-bounds errors when users passes small or zero
ring sizes via ethtool -G.
Products Associated with CVE-2025-71137
stack.watch emails you whenever new vulnerabilities are published in Linux Kernel or Canonical Ubuntu Linux. Just hit a watch button to start following.
Affected Versions
Linux:- Version d45d8979840d9c9ac93d3fe8cfc8e794b7228445 and below 5d8dfa3abb9a845302e021cf9c92d941abbc011a is affected.
- Version d45d8979840d9c9ac93d3fe8cfc8e794b7228445 and below 4cc4cfe4d23c883120b6f3d41145edbaa281f2ab is affected.
- Version d45d8979840d9c9ac93d3fe8cfc8e794b7228445 and below 658caf3b8aad65f8b8e102670ca4f68c7030f655 is affected.
- Version d45d8979840d9c9ac93d3fe8cfc8e794b7228445 and below b23a2e15589466a027c9baa3fb5813c9f6a6c6dc is affected.
- Version d45d8979840d9c9ac93d3fe8cfc8e794b7228445 and below aa743b0d98448282b2cb37356db8db2a48524624 is affected.
- Version d45d8979840d9c9ac93d3fe8cfc8e794b7228445 and below 442848e457f5a9f71a4e7e14d24d73dae278ebe3 is affected.
- Version d45d8979840d9c9ac93d3fe8cfc8e794b7228445 and below 85f4b0c650d9f9db10bda8d3acfa1af83bf78cf7 is affected.
- Version 5.6 is affected.
- Before 5.6 is unaffected.
- Version 5.10.248, <= 5.10.* is unaffected.
- Version 5.15.198, <= 5.15.* is unaffected.
- Version 6.1.160, <= 6.1.* is unaffected.
- Version 6.6.120, <= 6.6.* is unaffected.
- Version 6.12.64, <= 6.12.* is unaffected.
- Version 6.18.4, <= 6.18.* is unaffected.
- Version 6.19, <= * is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.