{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-39969","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-04-16T07:20:57.149Z","datePublished":"2025-10-15T07:55:52.948Z","dateUpdated":"2026-05-11T21:39:55.810Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T21:39:55.810Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: fix validation of VF state in get resources\n\nVF state I40E_VF_STATE_ACTIVE is not the only state in which\nVF is actually active so it should not be used to determine\nif a VF is allowed to obtain resources.\n\nUse I40E_VF_STATE_RESOURCES_LOADED that is set only in\ni40e_vc_get_vf_resources_msg() and cleared during reset."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c","drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.h"],"versions":[{"version":"171527da84149c2c7aa6a60a64b09d24f3546298","lessThan":"185745d56ec958bf8aa773828213237dfcc32f5a","status":"affected","versionType":"git"},{"version":"eb87117c27e729b0aeef4d72ed40d6a1761b0f68","lessThan":"f47876788a23de296c42ef9d505b5c1630f0b4b8","status":"affected","versionType":"git"},{"version":"2132643b956f553f5abddc9bae20dae267b082e0","lessThan":"8e35c80f8570426fe0f0cc92b151ebd835975f22","status":"affected","versionType":"git"},{"version":"61125b8be85dfbc7e9c7fe1cc6c6d631ab603516","lessThan":"6c3981fd59ef11a75005ac9978f034da5a168b6a","status":"affected","versionType":"git"},{"version":"61125b8be85dfbc7e9c7fe1cc6c6d631ab603516","lessThan":"e748f1ee493f88e38b77363a60499f979d42c58a","status":"affected","versionType":"git"},{"version":"61125b8be85dfbc7e9c7fe1cc6c6d631ab603516","lessThan":"6128bbc7adc25c87c2f64b5eb66a280b78ef7ab7","status":"affected","versionType":"git"},{"version":"61125b8be85dfbc7e9c7fe1cc6c6d631ab603516","lessThan":"a991dc56d3e9a2c3db87d0c3f03c24f6595400f1","status":"affected","versionType":"git"},{"version":"61125b8be85dfbc7e9c7fe1cc6c6d631ab603516","lessThan":"877b7e6ffc23766448236e8732254534c518ba42","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c","drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.h"],"versions":[{"version":"5.16","status":"affected"},{"version":"0","lessThan":"5.16","status":"unaffected","versionType":"semver"},{"version":"5.4.300","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.245","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.194","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.155","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.109","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.50","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.16.10","lessThanOrEqual":"6.16.*","status":"unaffected","versionType":"semver"},{"version":"6.17","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4.165","versionEndExcluding":"5.4.300"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10.85","versionEndExcluding":"5.10.245"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15.8","versionEndExcluding":"5.15.194"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.155"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.6.109"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.12.50"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.16.10"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.17"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/185745d56ec958bf8aa773828213237dfcc32f5a"},{"url":"https://git.kernel.org/stable/c/f47876788a23de296c42ef9d505b5c1630f0b4b8"},{"url":"https://git.kernel.org/stable/c/8e35c80f8570426fe0f0cc92b151ebd835975f22"},{"url":"https://git.kernel.org/stable/c/6c3981fd59ef11a75005ac9978f034da5a168b6a"},{"url":"https://git.kernel.org/stable/c/e748f1ee493f88e38b77363a60499f979d42c58a"},{"url":"https://git.kernel.org/stable/c/6128bbc7adc25c87c2f64b5eb66a280b78ef7ab7"},{"url":"https://git.kernel.org/stable/c/a991dc56d3e9a2c3db87d0c3f03c24f6595400f1"},{"url":"https://git.kernel.org/stable/c/877b7e6ffc23766448236e8732254534c518ba42"}],"title":"i40e: fix validation of VF state in get resources","x_generator":{"engine":"bippy-1.2.0"}}}}