CVE-2025-71068: svcrdma: bound check rq_pages index in inline path
In the Linux kernel, the following vulnerability has been resolved:
svcrdma: bound check rq_pages index in inline path
svc_rdma_copy_inline_range indexed rqstp->rq_pages[rc_curpage] without
verifying rc_curpage stays within the allocated page array. Add guards
before the first use and after advancing to a new page.
Security readout for executives and security teams
Plain-English summary
CVE-2025-71068 is a Linux kernel bounds-checking flaw in the svcrdma inline data path. The code could read or write outside the allocated request page array. Public sources do not provide CVSS, confirmed impact, or active exploitation evidence, so urgency depends on whether affected Linux kernels and svcrdma functionality are present.
Executive priority
Treat this as a kernel maintenance priority, not an emergency based on current evidence. Patch affected Linux systems through normal security update channels, with higher priority for systems using svcrdma paths or exposed kernel RDMA services.
Technical view
The flaw is in svc_rdma_copy_inline_range, which indexed rqstp->rq_pages[rc_curpage] before confirming rc_curpage remained within the allocated page array. The fix adds guards before first use and after page advancement. The source bundle lists affected Linux kernel versions and stable kernel commits, but no CWE, CVSS, or exploit details.
Likely exposure
Exposure is most likely on Linux systems running affected kernel versions where the svcrdma code path can be reached. The provided record does not identify specific distributions, configurations, or network prerequisites, so teams should map this against their kernel inventory and vendor advisories.
Exploitation context
The CVE is not listed as KEV in the provided bundle, and no cited source confirms active exploitation. The public description indicates a kernel memory bounds issue, but does not describe exploitability, attacker position, required privileges, or demonstrated impact.
Researcher notes
The record is sparse: no CVSS, CWE, distribution matrix, or exploitability analysis is provided. Analysis should stay close to the upstream fix: missing bounds checks around rq_pages indexing in the inline path. Validate reachability and backports per downstream kernel source.
Mitigation direction
Check Linux vendor advisories for fixed kernel packages.
Update to a kernel containing the referenced stable fixes.
Prioritize systems that use svcrdma-related functionality.
If patching is delayed, follow vendor guidance for exposure reduction.
Track distribution-specific backports, not only upstream version numbers.
Validation and detection
Inventory Linux kernel versions across servers and appliances.
Identify systems using or loading svcrdma-related kernel code.
Confirm installed kernels include the relevant stable commit or vendor backport.
Review vendor CVE notes for distribution-specific affected ranges.
Document systems where exposure cannot be confirmed.
Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.
Potential ATT&CK relevance
Conservative CVE-to-ATT&CK context
These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.
ATT&CK lookup starting points
Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.
cve · low confidence lookup
CVE-2025-71068 mapping review
Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.
These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.
0CVSS vectors
3Timeline events
1ADP providers
6Source links
SSVC decision data
CISA-ADPCISA Coordinator
Timestamp
Version
2.0.3
Exploitation: noneAutomatable: noTechnical Impact: total
Vulnerability timeline
Timeline events are normalized from CVE metadata, CNA source timelines, ADP timelines, and KEV metadata when present.
CVE reservedCVE Program
The CVE ID was reserved by the assigning CNA.
CVE publishedCVE Program
The CVE record was published.
Jan 13, 2026, 15:31 UTC (UTC+00:00)
CVE updatedCVE Program
The CVE record metadata indicates this as the latest update time.