CVE-2025-22088

Summary

In the Linux kernel, the following vulnerability has been resolved:

RDMA/erdma: Prevent use-after-free in erdma_accept_newconn()

After the erdma_cep_put(new_cep) being called, new_cep will be freed, and the following dereference will cause a UAF problem. Fix this issue.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux920d93eac8b97778fef48f34f10e58ddf870fc2a < bc1db4d8f1b0dc480d7d745a60a8cc94ce2badd4affected
LinuxLinux920d93eac8b97778fef48f34f10e58ddf870fc2a < 667a628ab67d359166799fad89b3c6909599558aaffected
LinuxLinux920d93eac8b97778fef48f34f10e58ddf870fc2a < a114d25d584c14019d31dbf2163780c47415a187affected
LinuxLinux920d93eac8b97778fef48f34f10e58ddf870fc2a < 78411a133312ce7d8a3239c76a8fd85bca1cc10faffected
LinuxLinux920d93eac8b97778fef48f34f10e58ddf870fc2a < 7aa6bb5276d9fec98deb05615a086eeb893854adaffected
LinuxLinux920d93eac8b97778fef48f34f10e58ddf870fc2a < 83437689249e6a17b25e27712fbee292e42e7855affected
LinuxLinux6.0affected
LinuxLinux0 < 6.0unaffected
LinuxLinux6.1.134 <= 6.1.*unaffected
LinuxLinux6.6.87 <= 6.6.*unaffected
LinuxLinux6.12.23 <= 6.12.*unaffected
LinuxLinux6.13.11 <= 6.13.*unaffected
LinuxLinux6.14.2 <= 6.14.*unaffected
LinuxLinux6.15 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References