CVE-2025-22075

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the version containing the fix for the issue described, as the specific fixed version is not provided in the input descriptions.

Description A vulnerability in the Linux kernel has been resolved, related to the rtnetlink component. The issue arises from the allocation of vfinfo size for VF GUIDs when supported, which was not properly considered in the function that allocates the netlink message. This could lead to a warning when a netlink message is filled with many VF port and node GUIDs, resulting in a "Message too long" error. The vulnerability was introduced by a commit that added support for getting VF port and node GUIDs in netlink ifinfo messages.

Recommendations As a temporary workaround, consider restricting the use of VF GUIDs in netlink messages until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.