🟡 Medium | Source: Microsoft Security Response Center
CVE-2025-21885 is a vulnerability in the Linux kernel’s RDMA bnxt_re driver, specifically relating to incorrect page details handling for SRQs (Shared Receive Queues) created by kernel consumers. While published via Microsoft’s Security Response Center in the Azure advisory channel, this is a kernel-level flaw affecting RDMA networking components. It matters because RDMA is commonly used in high-performance and HPC workloads on Azure, and kernel memory handling bugs in this area can lead to stability issues or potential privilege escalation.
Security Architect’s Take: Review whether your Azure workloads — particularly HPC, AI, or high-throughput networking instances — use RDMA-capable VM SKUs (e.g. HB, HC, NDv2 series), and ensure host OS and kernel patches are applied promptly. If running Linux VMs with RDMA drivers, validate that the patched kernel version is deployed and consider monitoring for unexpected kernel-level crashes or anomalous RDMA behaviour.
Original advisory: CVE-2025-21885 RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers