We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2025-22017

devlink: fix xa_alloc_cyclic() error handling



Description

In the Linux kernel, the following vulnerability has been resolved: devlink: fix xa_alloc_cyclic() error handling In case of returning 1 from xa_alloc_cyclic() (wrapping) ERR_PTR(1) will be returned, which will cause IS_ERR() to be false. Which can lead to dereference not allocated pointer (rel). Fix it by checking if err is lower than zero. This wasn't found in real usecase, only noticed. Credit to Pierre.

Reserved 2024-12-29 | Published 2025-04-08 | Updated 2025-05-04 | Assigner Linux

Product status

Default status
unaffected

c137743bce02b18c1537d4681aa515f7b80bf0a8 before f8aaa38cfaf6f20afa4db36b6529032fb69165dc
affected

c137743bce02b18c1537d4681aa515f7b80bf0a8 before 466132f6d28a7e47a82501fe1c46b8f90487412e
affected

c137743bce02b18c1537d4681aa515f7b80bf0a8 before f3b97b7d4bf316c3991e5634c9f4847c2df35478
affected

Default status
affected

6.7
affected

Any version before 6.7
unaffected

6.12.21
unaffected

6.13.9
unaffected

6.14
unaffected

References

git.kernel.org/...c/f8aaa38cfaf6f20afa4db36b6529032fb69165dc

git.kernel.org/...c/466132f6d28a7e47a82501fe1c46b8f90487412e

git.kernel.org/...c/f3b97b7d4bf316c3991e5634c9f4847c2df35478

cve.org (CVE-2025-22017)

nvd.nist.gov (CVE-2025-22017)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2025-22017

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.