CVE-2025-22001
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
accel/qaic: Fix integer overflow in qaic_validate_req()
These are u64 variables that come from the user via qaic_attach_slice_bo_ioctl(). Use check_add_overflow() to ensure that the math doesn't have an integer wrapping bug.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | ff13be8303336ead5621712f2c55012d738878b5 < 4b2a170c25862ad116bd31be6b9841646b4862e8 | affected |
| Linux | Linux | ff13be8303336ead5621712f2c55012d738878b5 < b362fc904d264a88b4af20baae9e82491c285e9c | affected |
| Linux | Linux | ff13be8303336ead5621712f2c55012d738878b5 < 57fae0c505f49bb1e3d5660cd2cc49697ed85f7c | affected |
| Linux | Linux | ff13be8303336ead5621712f2c55012d738878b5 < 67d15c7aa0864dfd82325c7e7e7d8548b5224c7b | affected |
| Linux | Linux | 6.4 | affected |
| Linux | Linux | 0 < 6.4 | unaffected |
| Linux | Linux | 6.6.85 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.21 <= 6.12.* | unaffected |
| Linux | Linux | 6.13.9 <= 6.13.* | unaffected |
| Linux | Linux | 6.14 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/4b2a170c25862ad116bd31be6b9841646b4862e8
- https://git.kernel.org/stable/c/b362fc904d264a88b4af20baae9e82491c285e9c
- https://git.kernel.org/stable/c/57fae0c505f49bb1e3d5660cd2cc49697ed85f7c
- https://git.kernel.org/stable/c/67d15c7aa0864dfd82325c7e7e7d8548b5224c7b
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.