Updated: 2025-11-19 04:02:49.477159
Description:
In the Linux kernel, the following vulnerability has been resolved: net: atlantic: fix aq_vec index out of range error The final update statement of the for loop exceeds the array range, the dereference of self->aq_vec[i] is not checked and then leads to the index out of range error. Also fixed this kind of coding style in other for loop. [ 97.937604] UBSAN: array-index-out-of-bounds in drivers/net/ethernet/aquantia/atlantic/aq_nic.c:1404:48 [ 97.937607] index 8 is out of range for type 'aq_vec_s *[8]' [ 97.937608] CPU: 38 PID: 3767 Comm: kworker/u256:18 Not tainted 5.19.0+ #2 [ 97.937610] Hardware name: Dell Inc. Precision 7865 Tower/, BIOS 1.0.0 06/12/2022 [ 97.937611] Workqueue: events_unbound async_run_entry_fn [ 97.937616] Call Trace: [ 97.937617] <TASK> [ 97.937619] dump_stack_lvl+0x49/0x63 [ 97.937624] dump_stack+0x10/0x16 [ 97.937626] ubsan_epilogue+0x9/0x3f [ 97.937627] __ubsan_handle_out_of_bounds.cold+0x44/0x49 [ 97.937629] ? __scm_send+0x348/0x440 [ 97.937632] ? aq_vec_stop+0x72/0x80 [atlantic] [ 97.937639] aq_nic_stop+0x1b6/0x1c0 [atlantic] [ 97.937644] aq_suspend_common+0x88/0x90 [atlantic] [ 97.937648] aq_pm_suspend_poweroff+0xe/0x20 [atlantic] [ 97.937653] pci_pm_suspend+0x7e/0x1a0 [ 97.937655] ? pci_pm_suspend_noirq+0x2b0/0x2b0 [ 97.937657] dpm_run_callback+0x54/0x190 [ 97.937660] __device_suspend+0x14c/0x4d0 [ 97.937661] async_suspend+0x23/0x70 [ 97.937663] async_run_entry_fn+0x33/0x120 [ 97.937664] process_one_work+0x21f/0x3f0 [ 97.937666] worker_thread+0x4a/0x3c0 [ 97.937668] ? process_one_work+0x3f0/0x3f0 [ 97.937669] kthread+0xf0/0x120 [ 97.937671] ? kthread_complete_and_exit+0x20/0x20 [ 97.937672] ret_from_fork+0x22/0x30 [ 97.937676] </TASK> v2. fixed "warning: variable 'aq_vec' set but not used" v3. simplified a for loop
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | 0.0 | |
| CVSS Version 3.x | HIGH | 7.8 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | kernel | 5.14.0 | 7.8 | HIGH | Released | CLSA-2025:1753298962 | 2025-07-24 01:56:04 | |
| CentOS 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Not Vulnerable | 2025-09-09 15:27:47 | ||
| CentOS 7 ELS | kernel | 3.10.0 | 7.8 | HIGH | Released | CLSA-2025:1757967705 | 2025-09-30 05:36:15 | |
| CentOS 8.4 ELS | kernel | 4.18.0 | 7.8 | HIGH | Released | CLSA-2025:1753297988 | 2025-07-24 01:56:05 | |
| CentOS 8.5 ELS | kernel | 4.18.0 | 7.8 | HIGH | Released | CLSA-2025:1753298320 | 2025-07-24 01:56:05 | |
| CentOS Stream 8 ELS | kernel | 4.18.0 | 7.8 | HIGH | Already Fixed | 2025-07-22 00:48:41 | ||
| CloudLinux 7 ELS | kernel | 3.10.0 | 7.8 | HIGH | Ignored | 2025-11-07 23:41:04 | CL7 support is limited | |
| Oracle Linux 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Not Vulnerable | 2025-11-02 08:25:34 | ||
| Oracle Linux 7 ELS | kernel | 3.10.0 | 7.8 | HIGH | Released | CLSA-2025:1757698145 | 2025-09-12 19:25:29 | |
| Oracle Linux 7 ELS | kernel-uek | 5.4.17 | 7.8 | HIGH | Needs Triage | 2025-10-30 10:25:56 |