Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-22106

In the Linux kernel, the following vulnerability has been resolved: vmxnet3: unregister xdp rxq info in the reset path vmxnet3 does not unregister xdp rxq info in the vmxnet3_reset_work() code path as vmxnet3_rq_destroy() is not invoked in this code path. So, we get below message with a backtrace. Missing unregister, handled but fix driver WARNING: CPU:48 PID: 500 at net/core/xdp.c:182 __xdp_rxq_info_reg+0x93/0xf0 This patch fixes the problem by moving the unregister code of XDP from vmxnet3_rq_destroy() to vmxnet3_rq_cleanup().

Published

2025-04-16T15:16:04.913

Last Modified

2025-11-03T18:42:40.573

Status

Analyzed

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

Severity

CVSSv3.1: 5.5 (MEDIUM)

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	linux	linux_kernel	< 6.6.108	Yes
Operating System	linux	linux_kernel	< 6.12.49	Yes
Operating System	linux	linux_kernel	< 6.14.2	Yes

References

https://git.kernel.org/stable/c/0dd765fae295832934bf28e45dd5a355e0891ed4 Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/23da4e0bb2a38966d29db0ff90a8fe68fdfa1744 Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/9908541a9e235b7c5e2fbdd59910eaf9c32c3075 Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/a6157484bee3385a425d288a69e1eaf03232f5fc Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)