{"id":"CVE-2025-71133","summary":"RDMA/irdma: avoid invalid read in irdma_net_event","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: avoid invalid read in irdma_net_event\n\nirdma_net_event() should not dereference anything from \"neigh\" (alias\n\"ptr\") until it has checked that the event is NETEVENT_NEIGH_UPDATE.\nOther events come with different structures pointed to by \"ptr\" and they\nmay be smaller than struct neighbour.\n\nMove the read of neigh-\u003edev under the NETEVENT_NEIGH_UPDATE case.\n\nThe bug is mostly harmless, but it triggers KASAN on debug kernels:\n\n BUG: KASAN: stack-out-of-bounds in irdma_net_event+0x32e/0x3b0 [irdma]\n Read of size 8 at addr ffffc900075e07f0 by task kworker/27:2/542554\n\n CPU: 27 PID: 542554 Comm: kworker/27:2 Kdump: loaded Not tainted 5.14.0-630.el9.x86_64+debug #1\n Hardware name: [...]\n Workqueue: events rt6_probe_deferred\n Call Trace:\n  \u003cIRQ\u003e\n  dump_stack_lvl+0x60/0xb0\n  print_address_description.constprop.0+0x2c/0x3f0\n  print_report+0xb4/0x270\n  kasan_report+0x92/0xc0\n  irdma_net_event+0x32e/0x3b0 [irdma]\n  notifier_call_chain+0x9e/0x180\n  atomic_notifier_call_chain+0x5c/0x110\n  rt6_do_redirect+0xb91/0x1080\n  tcp_v6_err+0xe9b/0x13e0\n  icmpv6_notify+0x2b2/0x630\n  ndisc_redirect_rcv+0x328/0x530\n  icmpv6_rcv+0xc16/0x1360\n  ip6_protocol_deliver_rcu+0xb84/0x12e0\n  ip6_input_finish+0x117/0x240\n  ip6_input+0xc4/0x370\n  ipv6_rcv+0x420/0x7d0\n  __netif_receive_skb_one_core+0x118/0x1b0\n  process_backlog+0xd1/0x5d0\n  __napi_poll.constprop.0+0xa3/0x440\n  net_rx_action+0x78a/0xba0\n  handle_softirqs+0x2d4/0x9c0\n  do_softirq+0xad/0xe0\n  \u003c/IRQ\u003e","modified":"2026-02-09T19:33:31.581744Z","published":"2026-01-14T15:07:48.524Z","related":["MGASA-2026-0017","MGASA-2026-0018"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71133.json"},"references":[{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"},{"type":"WEB","url":"https://git.kernel.org/stable/c/305c02e541befe4a44ffde30ed374970f41aeb6c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6f05611728e9d0ab024832a4f1abb74a5f5d0bb0"},{"type":"WEB","url":"https://git.kernel.org/stable/c/bf197c7c79ef6458d1ee84dd7db251b51784885f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d9b9affd103f51b42322da4ed5ac025b560bc354"},{"type":"WEB","url":"https://git.kernel.org/stable/c/db93ae6fa66f1c61ae63400191195e3ee58021da"},{"type":"WEB","url":"https://git.kernel.org/stable/c/fc23d05f0b3fb4d80657e7afebae2cae686b31c8"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71133.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-71133"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"915cc7ac0f8e2a23675ee896e87f17c7d3c47089"},{"fixed":"db93ae6fa66f1c61ae63400191195e3ee58021da"},{"fixed":"305c02e541befe4a44ffde30ed374970f41aeb6c"},{"fixed":"fc23d05f0b3fb4d80657e7afebae2cae686b31c8"},{"fixed":"bf197c7c79ef6458d1ee84dd7db251b51784885f"},{"fixed":"d9b9affd103f51b42322da4ed5ac025b560bc354"},{"fixed":"6f05611728e9d0ab024832a4f1abb74a5f5d0bb0"}]}],"versions":["v5.13","v5.13-rc2","v5.13-rc3","v5.13-rc4","v5.13-rc5","v5.13-rc6","v5.13-rc7","v5.14","v5.14-rc1","v5.14-rc2","v5.14-rc3","v5.14-rc4","v5.14-rc5","v5.14-rc6","v5.14-rc7","v5.15","v5.15-rc1","v5.15-rc2","v5.15-rc3","v5.15-rc4","v5.15-rc5","v5.15-rc6","v5.15-rc7","v5.15.1","v5.15.10","v5.15.100","v5.15.101","v5.15.102","v5.15.103","v5.15.104","v5.15.105","v5.15.106","v5.15.107","v5.15.108","v5.15.109","v5.15.11","v5.15.110","v5.15.111","v5.15.112","v5.15.113","v5.15.114","v5.15.115","v5.15.116","v5.15.117","v5.15.118","v5.15.119","v5.15.12","v5.15.120","v5.15.121","v5.15.122","v5.15.123","v5.15.124","v5.15.125","v5.15.126","v5.15.127","v5.15.128","v5.15.129","v5.15.13","v5.15.130","v5.15.131","v5.15.132","v5.15.133","v5.15.134","v5.15.135","v5.15.136","v5.15.137","v5.15.138","v5.15.139","v5.15.14","v5.15.140","v5.15.141","v5.15.142","v5.15.143","v5.15.144","v5.15.145","v5.15.146","v5.15.147","v5.15.148","v5.15.149","v5.15.15","v5.15.150","v5.15.151","v5.15.152","v5.15.153","v5.15.154","v5.15.155","v5.15.156","v5.15.157","v5.15.158","v5.15.159","v5.15.16","v5.15.160","v5.15.161","v5.15.162","v5.15.163","v5.15.164","v5.15.165","v5.15.166","v5.15.167","v5.15.168","v5.15.169","v5.15.17","v5.15.170","v5.15.171","v5.15.172","v5.15.173","v5.15.174","v5.15.175","v5.15.176","v5.15.177","v5.15.178","v5.15.179","v5.15.18","v5.15.180","v5.15.181","v5.15.182","v5.15.183","v5.15.184","v5.15.185","v5.15.186","v5.15.187","v5.15.188","v5.15.189","v5.15.19","v5.15.190","v5.15.191","v5.15.192","v5.15.193","v5.15.194","v5.15.195","v5.15.196","v5.15.197","v5.15.2","v5.15.20","v5.15.21","v5.15.22","v5.15.23","v5.15.24","v5.15.25","v5.15.26","v5.15.27","v5.15.28","v5.15.29","v5.15.3","v5.15.30","v5.15.31","v5.15.32","v5.15.33","v5.15.34","v5.15.35","v5.15.36","v5.15.37","v5.15.38","v5.15.39","v5.15.4","v5.15.40","v5.15.41","v5.15.42","v5.15.43","v5.15.44","v5.15.45","v5.15.46","v5.15.47","v5.15.48","v5.15.49","v5.15.5","v5.15.50","v5.15.51","v5.15.52","v5.15.53","v5.15.54","v5.15.55","v5.15.56","v5.15.57","v5.15.58","v5.15.59","v5.15.6","v5.15.60","v5.15.61","v5.15.62","v5.15.63","v5.15.64","v5.15.65","v5.15.66","v5.15.67","v5.15.68","v5.15.69","v5.15.7","v5.15.70","v5.15.71","v5.15.72","v5.15.73","v5.15.74","v5.15.75","v5.15.76","v5.15.77","v5.15.78","v5.15.79","v5.15.8","v5.15.80","v5.15.81","v5.15.82","v5.15.83","v5.15.84","v5.15.85","v5.15.86","v5.15.87","v5.15.88","v5.15.89","v5.15.9","v5.15.90","v5.15.91","v5.15.92","v5.15.93","v5.15.94","v5.15.95","v5.15.96","v5.15.97","v5.15.98","v5.15.99","v5.16","v5.16-rc1","v5.16-rc2","v5.16-rc3","v5.16-rc4","v5.16-rc5","v5.16-rc6","v5.16-rc7","v5.16-rc8","v5.17","v5.17-rc1","v5.17-rc2","v5.17-rc3","v5.17-rc4","v5.17-rc5","v5.17-rc6","v5.17-rc7","v5.17-rc8","v5.18","v5.18-rc1","v5.18-rc2","v5.18-rc3","v5.18-rc4","v5.18-rc5","v5.18-rc6","v5.18-rc7","v5.19","v5.19-rc1","v5.19-rc2","v5.19-rc3","v5.19-rc4","v5.19-rc5","v5.19-rc6","v5.19-rc7","v5.19-rc8","v6.0","v6.0-rc1","v6.0-rc2","v6.0-rc3","v6.0-rc4","v6.0-rc5","v6.0-rc6","v6.0-rc7","v6.1","v6.1-rc1","v6.1-rc2","v6.1-rc3","v6.1-rc4","v6.1-rc5","v6.1-rc6","v6.1-rc7","v6.1-rc8","v6.1.1","v6.1.10","v6.1.100","v6.1.101","v6.1.102","v6.1.103","v6.1.104","v6.1.105","v6.1.106","v6.1.107","v6.1.108","v6.1.109","v6.1.11","v6.1.110","v6.1.111","v6.1.112","v6.1.113","v6.1.114","v6.1.115","v6.1.116","v6.1.117","v6.1.118","v6.1.119","v6.1.12","v6.1.120","v6.1.121","v6.1.122","v6.1.123","v6.1.124","v6.1.125","v6.1.126","v6.1.127","v6.1.128","v6.1.129","v6.1.13","v6.1.130","v6.1.131","v6.1.132","v6.1.133","v6.1.134","v6.1.135","v6.1.136","v6.1.137","v6.1.138","v6.1.139","v6.1.14","v6.1.140","v6.1.141","v6.1.142","v6.1.143","v6.1.144","v6.1.145","v6.1.146","v6.1.147","v6.1.148","v6.1.149","v6.1.15","v6.1.150","v6.1.151","v6.1.152","v6.1.153","v6.1.154","v6.1.155","v6.1.156","v6.1.157","v6.1.158","v6.1.159","v6.1.16","v6.1.17","v6.1.18","v6.1.19","v6.1.2","v6.1.20","v6.1.21","v6.1.22","v6.1.23","v6.1.24","v6.1.25","v6.1.26","v6.1.27","v6.1.28","v6.1.29","v6.1.3","v6.1.30","v6.1.31","v6.1.32","v6.1.33","v6.1.34","v6.1.35","v6.1.36","v6.1.37","v6.1.38","v6.1.39","v6.1.4","v6.1.40","v6.1.41","v6.1.42","v6.1.43","v6.1.44","v6.1.45","v6.1.46","v6.1.47","v6.1.48","v6.1.49","v6.1.5","v6.1.50","v6.1.51","v6.1.52","v6.1.53","v6.1.54","v6.1.55","v6.1.56","v6.1.57","v6.1.58","v6.1.59","v6.1.6","v6.1.60","v6.1.61","v6.1.62","v6.1.63","v6.1.64","v6.1.65","v6.1.66","v6.1.67","v6.1.68","v6.1.69","v6.1.7","v6.1.70","v6.1.71","v6.1.72","v6.1.73","v6.1.74","v6.1.75","v6.1.76","v6.1.77","v6.1.78","v6.1.79","v6.1.8","v6.1.80","v6.1.81","v6.1.82","v6.1.83","v6.1.84","v6.1.85","v6.1.86","v6.1.87","v6.1.88","v6.1.89","v6.1.9","v6.1.90","v6.1.91","v6.1.92","v6.1.93","v6.1.94","v6.1.95","v6.1.96","v6.1.97","v6.1.98","v6.1.99","v6.10","v6.10-rc1","v6.10-rc2","v6.10-rc3","v6.10-rc4","v6.10-rc5","v6.10-rc6","v6.10-rc7","v6.11","v6.11-rc1","v6.11-rc2","v6.11-rc3","v6.11-rc4","v6.11-rc5","v6.11-rc6","v6.11-rc7","v6.12","v6.12-rc1","v6.12-rc2","v6.12-rc3","v6.12-rc4","v6.12-rc5","v6.12-rc6","v6.12-rc7","v6.12.1","v6.12.10","v6.12.11","v6.12.12","v6.12.13","v6.12.14","v6.12.15","v6.12.16","v6.12.17","v6.12.18","v6.12.19","v6.12.2","v6.12.20","v6.12.21","v6.12.22","v6.12.23","v6.12.24","v6.12.25","v6.12.26","v6.12.27","v6.12.28","v6.12.29","v6.12.3","v6.12.30","v6.12.31","v6.12.32","v6.12.33","v6.12.34","v6.12.35","v6.12.36","v6.12.37","v6.12.38","v6.12.39","v6.12.4","v6.12.40","v6.12.41","v6.12.42","v6.12.43","v6.12.44","v6.12.45","v6.12.46","v6.12.47","v6.12.48","v6.12.49","v6.12.5","v6.12.50","v6.12.51","v6.12.52","v6.12.53","v6.12.54","v6.12.55","v6.12.56","v6.12.57","v6.12.58","v6.12.59","v6.12.6","v6.12.60","v6.12.61","v6.12.62","v6.12.63","v6.12.7","v6.12.8","v6.12.9","v6.13","v6.13-rc1","v6.13-rc2","v6.13-rc3","v6.13-rc4","v6.13-rc5","v6.13-rc6","v6.13-rc7","v6.14","v6.14-rc1","v6.14-rc2","v6.14-rc3","v6.14-rc4","v6.14-rc5","v6.14-rc6","v6.14-rc7","v6.15","v6.15-rc1","v6.15-rc2","v6.15-rc3","v6.15-rc4","v6.15-rc5","v6.15-rc6","v6.15-rc7","v6.16","v6.16-rc1","v6.16-rc2","v6.16-rc3","v6.16-rc4","v6.16-rc5","v6.16-rc6","v6.16-rc7","v6.17","v6.17-rc1","v6.17-rc2","v6.17-rc3","v6.17-rc4","v6.17-rc5","v6.17-rc6","v6.17-rc7","v6.18","v6.18-rc1","v6.18-rc2","v6.18-rc3","v6.18-rc4","v6.18-rc5","v6.18-rc6","v6.18-rc7","v6.18.1","v6.18.2","v6.18.3","v6.19-rc1","v6.2","v6.2-rc1","v6.2-rc2","v6.2-rc3","v6.2-rc4","v6.2-rc5","v6.2-rc6","v6.2-rc7","v6.2-rc8","v6.3","v6.3-rc1","v6.3-rc2","v6.3-rc3","v6.3-rc4","v6.3-rc5","v6.3-rc6","v6.3-rc7","v6.4","v6.4-rc1","v6.4-rc2","v6.4-rc3","v6.4-rc4","v6.4-rc5","v6.4-rc6","v6.4-rc7","v6.5","v6.5-rc1","v6.5-rc2","v6.5-rc3","v6.5-rc4","v6.5-rc5","v6.5-rc6","v6.5-rc7","v6.6","v6.6-rc1","v6.6-rc2","v6.6-rc3","v6.6-rc4","v6.6-rc5","v6.6-rc6","v6.6-rc7","v6.6.1","v6.6.10","v6.6.100","v6.6.101","v6.6.102","v6.6.103","v6.6.104","v6.6.105","v6.6.106","v6.6.107","v6.6.108","v6.6.109","v6.6.11","v6.6.110","v6.6.111","v6.6.112","v6.6.113","v6.6.114","v6.6.115","v6.6.116","v6.6.117","v6.6.118","v6.6.119","v6.6.12","v6.6.13","v6.6.14","v6.6.15","v6.6.16","v6.6.17","v6.6.18","v6.6.19","v6.6.2","v6.6.20","v6.6.21","v6.6.22","v6.6.23","v6.6.24","v6.6.25","v6.6.26","v6.6.27","v6.6.28","v6.6.29","v6.6.3","v6.6.30","v6.6.31","v6.6.32","v6.6.33","v6.6.34","v6.6.35","v6.6.36","v6.6.37","v6.6.38","v6.6.39","v6.6.4","v6.6.40","v6.6.41","v6.6.42","v6.6.43","v6.6.44","v6.6.45","v6.6.46","v6.6.47","v6.6.48","v6.6.49","v6.6.5","v6.6.50","v6.6.51","v6.6.52","v6.6.53","v6.6.54","v6.6.55","v6.6.56","v6.6.57","v6.6.58","v6.6.59","v6.6.6","v6.6.60","v6.6.61","v6.6.62","v6.6.63","v6.6.64","v6.6.65","v6.6.66","v6.6.67","v6.6.68","v6.6.69","v6.6.7","v6.6.70","v6.6.71","v6.6.72","v6.6.73","v6.6.74","v6.6.75","v6.6.76","v6.6.77","v6.6.78","v6.6.79","v6.6.8","v6.6.80","v6.6.81","v6.6.82","v6.6.83","v6.6.84","v6.6.85","v6.6.86","v6.6.87","v6.6.88","v6.6.89","v6.6.9","v6.6.90","v6.6.91","v6.6.92","v6.6.93","v6.6.94","v6.6.95","v6.6.96","v6.6.97","v6.6.98","v6.6.99","v6.7","v6.7-rc1","v6.7-rc2","v6.7-rc3","v6.7-rc4","v6.7-rc5","v6.7-rc6","v6.7-rc7","v6.7-rc8","v6.8","v6.8-rc1","v6.8-rc2","v6.8-rc3","v6.8-rc4","v6.8-rc5","v6.8-rc6","v6.8-rc7","v6.9","v6.9-rc1","v6.9-rc2","v6.9-rc3","v6.9-rc4","v6.9-rc5","v6.9-rc6","v6.9-rc7"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-71133.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"5.14.0"},{"fixed":"5.15.198"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.160"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.120"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.64"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.18.4"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-71133.json"}}],"schema_version":"1.7.3"}