{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-22006", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-12-29T08:45:45.803Z", "datePublished": "2025-04-03T07:19:07.407Z", "dateUpdated": "2025-10-01T17:09:33.963Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T07:27:17.611Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: ti: am65-cpsw: Fix NAPI registration sequence\n\nRegistering the interrupts for TX or RX DMA Channels prior to registering\ntheir respective NAPI callbacks can result in a NULL pointer dereference.\nThis is seen in practice as a random occurrence since it depends on the\nrandomness associated with the generation of traffic by Linux and the\nreception of traffic from the wire."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/ti/am65-cpsw-nuss.c"], "versions": [{"version": "82b44cdb0355b5061769ae51909d1c8a1b7f31f2", "lessThan": "d4bf956547c38c04fad8d72a961ac4dc00bad000", "status": "affected", "versionType": "git"}, {"version": "faef4c2bebac3c6e4161e66c3d42b85e88013709", "lessThan": "942557abed7f38b77a47d77b92d448802eefe185", "status": "affected", "versionType": "git"}, {"version": "681eb2beb3efe21e630bcc4881595e3b42dd7948", "lessThan": "5f079290e5913a0060e059500b7d440990ac1066", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/ti/am65-cpsw-nuss.c"], "versions": [{"version": "6.12.14", "lessThan": "6.12.21", "status": "affected", "versionType": "semver"}, {"version": "6.13.3", "lessThan": "6.13.9", "status": "affected", "versionType": "semver"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.12.14", "versionEndExcluding": "6.12.21"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.13.3", "versionEndExcluding": "6.13.9"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/d4bf956547c38c04fad8d72a961ac4dc00bad000"}, {"url": "https://git.kernel.org/stable/c/942557abed7f38b77a47d77b92d448802eefe185"}, {"url": "https://git.kernel.org/stable/c/5f079290e5913a0060e059500b7d440990ac1066"}], "title": "net: ethernet: ti: am65-cpsw: Fix NAPI registration sequence", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-476", "lang": "en", "description": "CWE-476 NULL Pointer Dereference"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-10-01T17:09:29.493239Z", "id": "CVE-2025-22006", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-01T17:09:33.963Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-22006", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-10-01T17:09:29.493239Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-01T14:39:41.116Z"}}], "cna": {"title": "net: ethernet: ti: am65-cpsw: Fix NAPI registration sequence", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "82b44cdb0355b5061769ae51909d1c8a1b7f31f2", "lessThan": "d4bf956547c38c04fad8d72a961ac4dc00bad000", "versionType": "git"}, {"status": "affected", "version": "faef4c2bebac3c6e4161e66c3d42b85e88013709", "lessThan": "942557abed7f38b77a47d77b92d448802eefe185", "versionType": "git"}, {"status": "affected", "version": "681eb2beb3efe21e630bcc4881595e3b42dd7948", "lessThan": "5f079290e5913a0060e059500b7d440990ac1066", "versionType": "git"}], "programFiles": ["drivers/net/ethernet/ti/am65-cpsw-nuss.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.12.14", "lessThan": "6.12.21", "versionType": "semver"}, {"status": "affected", "version": "6.13.3", "lessThan": "6.13.9", "versionType": "semver"}], "programFiles": ["drivers/net/ethernet/ti/am65-cpsw-nuss.c"], "defaultStatus": "unaffected"}], "references": [{"url": "https://git.kernel.org/stable/c/d4bf956547c38c04fad8d72a961ac4dc00bad000"}, {"url": "https://git.kernel.org/stable/c/942557abed7f38b77a47d77b92d448802eefe185"}, {"url": "https://git.kernel.org/stable/c/5f079290e5913a0060e059500b7d440990ac1066"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: ti: am65-cpsw: Fix NAPI registration sequence\n\nRegistering the interrupts for TX or RX DMA Channels prior to registering\ntheir respective NAPI callbacks can result in a NULL pointer dereference.\nThis is seen in practice as a random occurrence since it depends on the\nrandomness associated with the generation of traffic by Linux and the\nreception of traffic from the wire."}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.12.21", "versionStartIncluding": "6.12.14"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.13.9", "versionStartIncluding": "6.13.3"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T07:27:17.611Z"}}}, "cveMetadata": {"cveId": "CVE-2025-22006", "state": "PUBLISHED", "dateUpdated": "2025-10-01T17:09:33.963Z", "dateReserved": "2024-12-29T08:45:45.803Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2025-04-03T07:19:07.407Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "FADA53DA-6264-4159-8634-545524F7A021", "versionEndExcluding": "6.12.21", "versionStartIncluding": "6.12.14", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "121A3D36-97F4-4EFC-AC81-4051E74494FA", "versionEndExcluding": "6.13.9", "versionStartIncluding": "6.13.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: ti: am65-cpsw: Fix NAPI registration sequence\n\nRegistering the interrupts for TX or RX DMA Channels prior to registering\ntheir respective NAPI callbacks can result in a NULL pointer dereference.\nThis is seen in practice as a random occurrence since it depends on the\nrandomness associated with the generation of traffic by Linux and the\nreception of traffic from the wire."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: ethernet: ti: am65-cpsw: Se ha corregido la secuencia de registro de NAPI. Registrar las interrupciones para los canales DMA TX o RX antes de registrar sus respectivas devoluciones de llamada NAPI puede provocar una desreferencia de puntero nulo. En la pr\u00e1ctica, esto se considera un evento aleatorio, ya que depende de la aleatoriedad asociada con la generaci\u00f3n de tr\u00e1fico por parte de Linux y la recepci\u00f3n de tr\u00e1fico desde la red."}], "id": "CVE-2025-22006", "lastModified": "2025-10-01T17:15:41.583", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "[email protected]", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-04-03T08:15:16.220", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5f079290e5913a0060e059500b7d440990ac1066"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/942557abed7f38b77a47d77b92d448802eefe185"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d4bf956547c38c04fad8d72a961ac4dc00bad000"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "[email protected]", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-476"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"bugzilla": {"description": "kernel: net: ethernet: ti: am65-cpsw: Fix NAPI registration sequence", "id": "2357141", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357141"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-476", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nnet: ethernet: ti: am65-cpsw: Fix NAPI registration sequence\nRegistering the interrupts for TX or RX DMA Channels prior to registering\ntheir respective NAPI callbacks can result in a NULL pointer dereference.\nThis is seen in practice as a random occurrence since it depends on the\nrandomness associated with the generation of traffic by Linux and the\nreception of traffic from the wire."], "name": "CVE-2025-22006", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-04-03T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-22006\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-22006\nhttps://lore.kernel.org/linux-cve-announce/2025040350-CVE-2025-22006-d1a7@gregkh/T"], "threat_severity": "Moderate"}