We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2025-22016

dpll: fix xa_alloc_cyclic() error handling



Description

In the Linux kernel, the following vulnerability has been resolved: dpll: fix xa_alloc_cyclic() error handling In case of returning 1 from xa_alloc_cyclic() (wrapping) ERR_PTR(1) will be returned, which will cause IS_ERR() to be false. Which can lead to dereference not allocated pointer (pin). Fix it by checking if err is lower than zero. This wasn't found in real usecase, only noticed. Credit to Pierre.

Reserved 2024-12-29 | Published 2025-04-08 | Updated 2025-05-04 | Assigner Linux

Product status

Default status
unaffected

97f265ef7f5b526b33d6030b2a1fc69a2259bf4a before cb2f8a5c1fd9e7a1fefa23afe20570e16da1ada4
affected

97f265ef7f5b526b33d6030b2a1fc69a2259bf4a before 4d350043be684762e581d9bdd32d543621d01a9c
affected

97f265ef7f5b526b33d6030b2a1fc69a2259bf4a before 3614bf90130d60f191a5fe218d04f6251c678e13
affected

Default status
affected

6.8
affected

Any version before 6.8
unaffected

6.12.21
unaffected

6.13.9
unaffected

6.14
unaffected

References

git.kernel.org/...c/cb2f8a5c1fd9e7a1fefa23afe20570e16da1ada4

git.kernel.org/...c/4d350043be684762e581d9bdd32d543621d01a9c

git.kernel.org/...c/3614bf90130d60f191a5fe218d04f6251c678e13

cve.org (CVE-2025-22016)

nvd.nist.gov (CVE-2025-22016)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2025-22016

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.