CVE-2025-22094 — NULL Pointer Dereference in Linux
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 78.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 16
Latest updateJul 8
Description
In the Linux kernel, the following vulnerability has been resolved:
powerpc/perf: Fix ref-counting on the PMU 'vpa_pmu'
Commit 176cda0619b6 ("powerpc/perf: Add perf interface to expose vpa
counters") introduced 'vpa_pmu' to expose Book3s-HV nested APIv2 provided
L1L2 context switch latency counters to L1 user-space via
perf-events. However the newly introduced PMU named 'vpa_pmu' doesn't
assign ownership of the PMU to the module 'vpa_pmu'. Consequently the
module 'vpa_pmu' can be unloaded whil…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages5 packages
▶CVEListV5linux/linux176cda0619b6c17a553625f6e2fcbc3981ad667d — 70ea7c5189197c6f5acdcfd8a2651be2c41e2faa+3
Patches
🔴Vulnerability Details
5GHSA▶
GHSA-2879-fhf4-rjj6: In the Linux kernel, the following vulnerability has been resolved:
powerpc/perf: Fix ref-counting on the PMU 'vpa_pmu'
Commit 176cda0619b6 ("powerp↗2025-04-16
OSV▶
CVE-2025-22094: In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: Fix ref-counting on the PMU 'vpa_pmu' Commit 176cda0619b6 ("powerpc/↗2025-04-16
📋Vendor Advisories
5Debian▶
CVE-2025-22094: linux - In the Linux kernel, the following vulnerability has been resolved: powerpc/per...↗2025