CVE-2025-39970

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-39970
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-39970.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-39970
Downstream
Related
Published
2025-10-15T07:55:53.610Z
Modified
2026-05-15T04:13:43.551381077Z
Summary
i40e: fix input validation logic for action_meta
Details

In the Linux kernel, the following vulnerability has been resolved:

i40e: fix input validation logic for action_meta

Fix condition to check 'greater or equal' to prevent OOB dereference.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/39xxx/CVE-2025-39970.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.17.0
Fixed
5.4.300
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.245
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.194
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.155
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.109
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.50
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.16.10

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-39970.json"