CVE-2025-22103 in Linuxinfo

Zusammenfassung

von MITRE • 16.04.2025

In the Linux kernel, the following vulnerability has been resolved:

net: fix NULL pointer dereference in l3mdev_l3_rcv

When delete l3s ipvlan:

ip link del link eth0 ipvlan1 type ipvlan mode l3s

This may cause a null pointer dereference:

Call trace: ip_rcv_finish+0x48/0xd0 ip_rcv+0x5c/0x100 __netif_receive_skb_one_core+0x64/0xb0 __netif_receive_skb+0x20/0x80 process_backlog+0xb4/0x204 napi_poll+0xe8/0x294 net_rx_action+0xd8/0x22c __do_softirq+0x12c/0x354

This is because l3mdev_l3_rcv() visit dev->l3mdev_ops after ipvlan_l3s_unregister() assign the dev->l3mdev_ops to NULL. The process like this:

(CPU1) | (CPU2) l3mdev_l3_rcv() | check dev->priv_flags: | master = skb->dev; | | | ipvlan_l3s_unregister() | set dev->priv_flags | dev->l3mdev_ops = NULL; | visit master->l3mdev_ops |

To avoid this by do not set dev->l3mdev_ops when unregister l3s ipvlan.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Zuständig

Linux

Reservieren

29.12.2024

Veröffentlichung

16.04.2025

Moderieren

akzeptiert

Eintrag

VDB-305184

CPE

bereit

EPSS

0.00177

KEV

nein

Aktivitäten

very low

Quellen

Interested in the pricing of exploits?

See the underground prices here!