CVE-2025-22060

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been resolved, specifically in the mvpp2 module, which handles network packet processing. The issue involves the corruption of parser TCAM (Ternary Content-Addressable Memory) and SRAM (Static Random Access Memory) memory due to concurrent modifications. This can lead to errors such as TOCTOU (Time-of-Check-to-Time-of-Use) issues, where multiple cores allocate the same row, causing data corruption. The problem was detected when the mvpp2 set rx mode() function ran concurrently on two CPUs, resulting in the corruption of the MVPP2 PE MAC UC PROMISCUOUS entry and causing the classifier unit to drop all incoming unicast packets.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.