CVE-2025-22122 — Integer Overflow or Wraparound in Linux
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 78.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 16
Latest updateJul 8
Description
In the Linux kernel, the following vulnerability has been resolved:
block: fix adding folio to bio
>4GB folio is possible on some ARCHs, such as aarch64, 16GB hugepage
is supported, then 'offset' of folio can't be held in 'unsigned int',
cause warning in bio_add_folio_nofail() and IO failure.
Fix it by adjusting 'page' & trimming 'offset' so that `->bi_offset` won't
be overflow, and folio can be added to bio successfully.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages5 packages
▶CVEListV5linux/linuxed9832bc08db29874600eb066b74918fe6fc2060 — 0c60158ff14df04c92792dd9b1809372b095040f+3
Patches
🔴Vulnerability Details
5OSV▶
CVE-2025-22122: In the Linux kernel, the following vulnerability has been resolved: block: fix adding folio to bio >4GB folio is possible on some ARCHs, such as aarch↗2025-04-16
GHSA▶
GHSA-cjw9-x8qr-5wpf: In the Linux kernel, the following vulnerability has been resolved:
block: fix adding folio to bio
>4GB folio is possible on some ARCHs, such as aar↗2025-04-16
📋Vendor Advisories
5Debian▶
CVE-2025-22122: linux - In the Linux kernel, the following vulnerability has been resolved: block: fix ...↗2025