CVE-2025-22107 — Out-of-bounds Read in Linux

CWE-125 — Out-of-bounds Read29 documents7 sources

Severity

7.1HIGHNVD

OSV3.2

EPSS

0.1%

top 75.34%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux +12 more

Timeline

PublishedApr 16

Latest updateApr 9

Description

In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() There are actually 2 problems: - deleting the last element doesn't require the memmove of elements [i + 1, end) over it. Actually, element i+1 is out of bounds. - The memmove itself should move size - i - 1 elements, because the last element is out of bounds. The out-of-bounds element still remains out of bounds after being accessed, so the pro…

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages17 packages

▶NVDlinux/linux_kernel5.2 — 6.14.2

▶Debianlinux/linux_kernel< 6.1.162-1+2

▶Ubuntulinux/linux_kernel< 6.8.0-106.106+1

▶msrcmsrc/azl3_kernel_6.6.96.2-1_on_azure_linux_3.0

▶msrcmsrc/azl3_kernel_6.6.96.2-2_on_azure_linux_3.0

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

OSV

linux-raspi, linux-raspi-realtime vulnerabilities↗2026-04-01

▶

OSV

linux-azure-6.8 vulnerabilities↗2026-03-25

▶

OSV

linux-azure vulnerabilities↗2026-03-25

▶

OSV

linux-aws-6.8 vulnerabilities↗2026-03-23

▶

OSV

linux-realtime, linux-realtime-6.8 vulnerabilities↗2026-03-17

▶

📋Vendor Advisories

Ubuntu

Linux kernel (Azure FIPS) vulnerabilities↗2026-04-09

▶

Ubuntu

Linux kernel (Raspberry Pi) vulnerabilities↗2026-04-01

▶

Ubuntu

Linux kernel (Azure) vulnerabilities↗2026-03-25

▶

Ubuntu

Linux kernel (Azure) vulnerabilities↗2026-03-25

▶

Ubuntu

Linux kernel (AWS) vulnerabilities↗2026-03-23

▶

External resources

NVD MITRE

Affected products15

Debian Linuxfixed in linux 6.1.162-1 (bookworm)

Debian Linux-6.1fixed in linux 6.1.162-1 (bookworm)

Linux≥ 6666cebc5e306f49a25bd20aa8c1cb8ef8950df5, < b52153da1f42e2f4d6259257a7ba027331671a93≥ 6666cebc5e306f49a25bd20aa8c1cb8ef8950df5, < 4584486cfcca24b7b586da3377eb3cffd48669ec≥ 6666cebc5e306f49a25bd20aa8c1cb8ef8950df5, < 031e00249e9e6bee72ba66701c8f83b45fc4b8a2+3 more

Linux Kernel≥ 0, < 6.1.162-1≥ 0, < 6.12.63-1≥ 0, < 6.16.3-1+3 more

Msrc Azl3 Kernel 6.6.104.2-4 ON Azure Linux 3.0

Msrc Azl3 Kernel 6.6.112.1-2 ON Azure Linux 3.0

Msrc Azl3 Kernel 6.6.117.1-1 ON Azure Linux 3.0

Msrc Azl3 Kernel 6.6.119.3-1 ON Azure Linux 3.0

Msrc Azl3 Kernel 6.6.119.3-3 ON Azure Linux 3.0

Msrc Azl3 Kernel 6.6.121.1-1 ON Azure Linux 3.0

Disclosure

PublishedApr 16, 2025

Latest updateApr 9, 2026