PT-2025-16748 · Linux+4 · Linux Kernel+4

Published

2025-03-24

Updated

2026-04-20

CVE-2025-22108

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been resolved, specifically in the bnxt en component. The issue involves the bd cnt field in the TX BD, which specifies the total number of BDs for the TX packet. This field has 5 bits and a maximum supported value of 32, represented by the value 0. If the total number of SKB fragments approaches or exceeds this maximum, the bd cnt field can become corrupted, potentially causing TX timeout. The patch adds a macro to properly mask the bd cnt field, ensuring that values exceeding 32 are handled correctly.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

AZL-62553

BDU:2026-04890

CVE-2025-22108

OESA-2025-1869

OESA-2025-1870

OESA-2025-1874

OPENSUSE-SU-2025_01614-1

OPENSUSE-SU-2025_01707-1

SUSE-SU-2025:01614-1

SUSE-SU-2025:01707-1

SUSE-SU-2025:01919-1

SUSE-SU-2025:01951-1

SUSE-SU-2025:01964-1

SUSE-SU-2025:01967-1

SUSE-SU-2025:01972-1

SUSE-SU-2025:20343-1

SUSE-SU-2025:20344-1

SUSE-SU-2025:20354-1

SUSE-SU-2025:20355-1

SUSE-SU-2025_01614-1

SUSE-SU-2025_01707-1

SUSE-SU-2025_01951-1

SUSE-SU-2025_01964-1

SUSE-SU-2025_01967-1

SUSE-SU-2025_01972-1

USN-7594-1

USN-7594-2

USN-7594-3

Affected Products

Astra Linux

Debian

Linux Kernel

Suse

Ubuntu

PT-2025-16748 · Linux+4 · Linux Kernel+4

CVE-2025-22108

Weakness Enumeration

Related Identifiers

Affected Products

References · 1764