PT-2025-16693 · Linux+5 · Linux Kernel+5

Published

2025-04-04

·

Updated

2026-05-26

·

CVE-2025-22053

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the version that includes the fix for this issue
Description A vulnerability in the Linux kernel has been resolved, which prevented multiple calls in a row to napi disable, causing a hang. The issue occurred when two or more threads called veth pool store through writing to /sys/devices/vio/30000002/pool*/*. This could be easily reproduced with a shell script. The fix involves using rtnl mutex to synchronize veth pool store with itself, ibmveth close, and ibmveth open.
Recommendations To resolve this issue, update to a Linux kernel version that includes the fix for this vulnerability. As a temporary workaround, consider restricting access to the /sys/devices/vio/30000002/pool*/* path to minimize the risk of exploitation.

Exploit

Fix

Improper Locking

Weakness Enumeration

CWE-413CWE-667CWE-371

Related Identifiers

BDU:2026-01405
CVE-2025-22053
ECHO-C296-85DC-5B23
MGASA-2025-0142
MGASA-2025-0146
OESA-2025-1878
OESA-2025-1879
OESA-2025-1880
OPENSUSE-SU-2025_01614-1
OPENSUSE-SU-2025_01707-1
SUSE-SU-2025:01600-1
SUSE-SU-2025:01614-1
SUSE-SU-2025:01707-1
SUSE-SU-2025:01919-1
SUSE-SU-2025:01951-1
SUSE-SU-2025:01964-1
SUSE-SU-2025:01967-1
SUSE-SU-2025:20343-1
SUSE-SU-2025:20344-1
SUSE-SU-2025:20354-1
SUSE-SU-2025:20355-1
SUSE-SU-2025_01600-1
SUSE-SU-2025_01614-1
SUSE-SU-2025_01707-1
SUSE-SU-2025_01951-1
SUSE-SU-2025_01964-1
SUSE-SU-2025_01967-1
USN-7594-1
USN-7594-2
USN-7594-3
USN-7605-1
USN-7605-2
USN-7606-1
USN-7628-1
USN-7835-1
USN-7835-2
USN-7835-3
USN-7835-4
USN-7835-5
USN-7835-6
USN-7887-1
USN-7887-2
USN-7940-1
USN-7940-2

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Suse
Ubuntu