PT-2025-16756 · Linux+6 · Linux Kernel+6

Published

2025-03-18

·

Updated

2026-04-20

·

CVE-2025-22116

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A vulnerability in the Linux kernel has been resolved. The issue was related to the idpf driver, where the error code from register netdev() was ignored during initialization, potentially causing a WARN ON() when attempting to unregister the net device. This could lead to a situation where the creation of the netdev failed without informing the user. The vulnerability was addressed by introducing an error check and logging the vport number and error code. Additionally, the removal process was modified to check the VPORT REG NETDEV flag before calling unregister and free on the netdev.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Unchecked Return Value

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-252

Related Identifiers

BDU:2026-04872
CVE-2025-22116
OPENSUSE-SU-2025_01614-1
OPENSUSE-SU-2025_01707-1
RHSA-2025:20095
RHSA-2025:20518
RHSA-2025:9580
SUSE-SU-2025:01614-1
SUSE-SU-2025:01707-1
SUSE-SU-2025:01919-1
SUSE-SU-2025:01951-1
SUSE-SU-2025:01964-1
SUSE-SU-2025:01967-1
SUSE-SU-2025:01972-1
SUSE-SU-2025:20343-1
SUSE-SU-2025:20344-1
SUSE-SU-2025:20354-1
SUSE-SU-2025:20355-1
SUSE-SU-2025_01614-1
SUSE-SU-2025_01707-1
SUSE-SU-2025_01951-1
SUSE-SU-2025_01964-1
SUSE-SU-2025_01967-1
SUSE-SU-2025_01972-1
USN-7594-1
USN-7594-2
USN-7594-3

Affected Products

Astra Linux
Centos
Debian
Linux Kernel
Red Hat
Suse
Ubuntu