CVE-2025-22056Out-of-bounds Write in Linux

CWE-787Out-of-bounds Write65 documents7 sources
Severity
7.8HIGHNVD
OSV8.8OSV7.1OSV5.9OSV5.5OSV4.4
EPSS
0.0%
top 92.41%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
LinuxLinux KernelDebian Linux+4 more
Timeline
PublishedApr 16
Latest updateJan 9

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_tunnel: fix geneve_opt type confusion addition When handling multiple NFTA_TUNNEL_KEY_OPTS_GENEVE attributes, the parsing logic should place every geneve_opt structure one by one compactly. Hence, when deciding the next geneve_opt position, the pointer addition should be in units of char *. However, the current implementation erroneously does type conversion before the addition, which will lead to heap out-of-b

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages9 packages

NVDlinux/linux_kernel5.75.10.236+6
Debianlinux/linux_kernel< 5.10.237-1+3
Ubuntulinux/linux_kernel< 5.15.0-142.152+2
CVEListV5linux/linux925d844696d9287f841d6b3e0ed62a35fb17597031d49eb436f2da61280508d7adf8c9b473b967aa+8

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

32
OSV
linux-azure-nvidia vulnerabilities2026-01-09
OSV
linux-azure-fips vulnerabilities2025-12-17
OSV
linux-raspi vulnerabilities2025-11-25
OSV
linux-raspi-realtime vulnerabilities2025-11-24
OSV
linux-aws-6.8 vulnerabilities2025-11-12

📋Vendor Advisories

32
Ubuntu
Linux kernel (Azure, N-Series) vulnerabilities2026-01-09
Ubuntu
Linux kernel (Azure FIPS) vulnerabilities2025-12-17
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities2025-11-25
Ubuntu
Linux kernel (Raspberry Pi Real-time) vulnerabilities2025-11-24
Ubuntu
Linux kernel (AWS) vulnerabilities2025-11-12
CVE-2025-22056 — Out-of-bounds Write in Linux | cvebase