CVE-2025-22006 — NULL Pointer Dereference in Linux

CWE-476 — NULL Pointer Dereference5 documents5 sources

Severity

5.5MEDIUMNVD

EPSS

0.0%

top 84.95%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedApr 3

Description

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: Fix NAPI registration sequence Registering the interrupts for TX or RX DMA Channels prior to registering their respective NAPI callbacks can result in a NULL pointer dereference. This is seen in practice as a random occurrence since it depends on the randomness associated with the generation of traffic by Linux and the reception of traffic from the wire.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

▶NVDlinux/linux_kernel6.12.14 — 6.12.21+1

▶Debianlinux/linux_kernel< 6.12.21-1+1

▶CVEListV5linux/linux82b44cdb0355b5061769ae51909d1c8a1b7f31f2 — d4bf956547c38c04fad8d72a961ac4dc00bad000+4

▶debiandebian/linux< linux 6.12.21-1 (forky)

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

GHSA

GHSA-c5f2-596r-9c4q: In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: Fix NAPI registration sequence Registering the int↗2025-04-03

▶

OSV

CVE-2025-22006: In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: Fix NAPI registration sequence Registering the inter↗2025-04-03

▶

📋Vendor Advisories

Red Hat

kernel: net: ethernet: ti: am65-cpsw: Fix NAPI registration sequence↗2025-04-03

▶

Debian

CVE-2025-22006: linux - In the Linux kernel, the following vulnerability has been resolved: net: ethern...↗2025

▶