2429109 – (CVE-2025-71064) CVE-2025-71064 kernel: net: hns3: using the num_tqps in the vf driver to apply for resources

Bug 2429109 (CVE-2025-71064) - CVE-2025-71064 kernel: net: hns3: using the num_tqps in the vf driver to apply for resources

Summary: CVE-2025-71064 kernel: net: hns3: using the num_tqps in the vf driver to appl...

Keywords:
Status:	NEW
Alias:	CVE-2025-71064
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2026-01-13 16:07 UTC by OSIDB Bzimport
Modified:	2026-01-14 22:42 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2026-01-13 16:07:20 UTC

In the Linux kernel, the following vulnerability has been resolved:

net: hns3: using the num_tqps in the vf driver to apply for resources

Currently, hdev->htqp is allocated using hdev->num_tqps, and kinfo->tqp
is allocated using kinfo->num_tqps. However, kinfo->num_tqps is set to
min(new_tqps, hdev->num_tqps);  Therefore, kinfo->num_tqps may be smaller
than hdev->num_tqps, which causes some hdev->htqp[i] to remain
uninitialized in hclgevf_knic_setup().

Thus, this patch allocates hdev->htqp and kinfo->tqp using hdev->num_tqps,
ensuring that the lengths of hdev->htqp and kinfo->tqp are consistent
and that all elements are properly initialized.

Comment 1 Jon Moroney 2026-01-14 22:39:05 UTC

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2026011322-CVE-2025-71064-94ea@gregkh/T

Note You need to log in before you can comment on or make changes to this bug.