Michael Chan

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to the bnxt en driver in the Linux kernel, specifically with the RX consumer index logic in the error path. In the `bnxt rx pkt()` function, the RX buffers are expected to complete in order. However, if the RX consumer index indicates an out of order buffer completion, it means a hardware bug is encountered, and the driver will abort all remaining RX packets and reset the RX ring. The RX consumer index passed to `bnxt discard rx()` is incorrect, and the current index (`tmp raw cons`) should be used instead of the old index (`raw cons`). This bug can cause the system to be at the wrong index when trying to abort the next RX packet, leading to a crash. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.