CVE-2025-22026

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been resolved. The issue is related to the nfsd proc stat init() function ignoring the return value of svc proc register(). If the procfile creation fails, the kernel will warn when it tries to remove the entry later. The svc proc register() function can fail if the dentry cannot be allocated or if an identical dentry already exists.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Unchecked Return Value

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-252CWE-253

Related Identifiers

ALSA-2025:16919

ALSA-2025:16920

ALSA-2025:17396

ALSA-2025:18281

AZL-68985

BDU:2026-01408

CESA-2025_16919

CESA-2025_16920

CVE-2025-22026

ECHO-3DB2-0551-AD05

INFSA-2025_16919

INFSA-2025_16920

INFSA-2025_18281

OESA-2025-1727

OESA-2025-1728

RHSA-2025:13946

RHSA-2025:14003

RHSA-2025:14005

RHSA-2025:14744

RHSA-2025:14749

RHSA-2025:17396

RHSA-2025:18281

RHSA-2025:19222

RHSA-2025_16919

RHSA-2025_16920

RHSA-2025_18281

USN-7594-1

USN-7594-2

USN-7594-3

USN-8028-1

USN-8028-2

USN-8028-3

USN-8028-4

USN-8028-5

USN-8028-6

USN-8028-7

USN-8028-8

USN-8031-1

USN-8031-2

USN-8031-3

USN-8052-1

USN-8052-2

USN-8074-1

USN-8074-2

USN-8126-1

Affected Products

Almalinux

Astra Linux

Centos

Debian

Linuxmint

Linux Kernel

Red Hat

Rocky Linux

Ubuntu

CVE-2025-22026

Weakness Enumeration

Related Identifiers

Affected Products

References · 1472