Dereference Vulnerability in Linux Kernel Affecting Memory Management
CVE-2025-22017

Currently unrated

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 8 April 2025

What is CVE-2025-22017?

A vulnerability in the Linux kernel's memory management component related to the xa_alloc_cyclic() function has been identified. When an error occurs, instead of correctly signaling this error, the function inadvertently allows for a dereference of an unallocated pointer. This faulty behavior can lead to unpredictable outcomes in applications relying on this memory management functionality. Although this issue was not observed in practical scenarios, it highlights a significant area for potential exploitation. The vulnerability has been addressed by ensuring that proper error checks are in place, thus enhancing overall system stability and security. Special thanks to Pierre for identifying this flaw.
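The error-handling mistake described above can be modelled in user space. This is an added example, not kernel code or code from the original advisory: `model_alloc_cyclic`, `rel_alloc_buggy`, `rel_alloc_fixed` and `struct rel` are hypothetical names. It assumes the return convention documented for xa_alloc_cyclic() in the kernel's XArray API: 0 on success, 1 on success after the ID space wrapped, and a negative errno on failure.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* User-space stand-ins for the kernel's ERR_PTR()/IS_ERR() helpers. */
#define MAX_ERRNO 4095
static void *err_ptr(long err) { return (void *)(intptr_t)err; }
static int is_err(const void *p) { return (uintptr_t)p >= (uintptr_t)-MAX_ERRNO; }

struct rel { unsigned int index; };   /* hypothetical tracked object */

/* Hypothetical model of the allocator: 0 = stored, 1 = stored after the ID
 * space wrapped, negative errno = failure. 'outcome' forces the result. */
static int model_alloc_cyclic(unsigned int *id, int outcome)
{
    if (outcome >= 0)
        *id = outcome ? 0 : 7;        /* constructed IDs */
    return outcome;
}

/* Before: any non-zero return is treated as failure, so the "wrapped" value 1
 * frees the object and returns ERR_PTR(1), which is_err() does not flag. */
static struct rel *rel_alloc_buggy(int outcome)
{
    struct rel *rel = calloc(1, sizeof(*rel));
    if (!rel) return err_ptr(-ENOMEM);
    int err = model_alloc_cyclic(&rel->index, outcome);
    if (err) { free(rel); return err_ptr(err); }
    return rel;
}

/* After: only negative values are errors; a wrap is still a success. */
static struct rel *rel_alloc_fixed(int outcome)
{
    struct rel *rel = calloc(1, sizeof(*rel));
    if (!rel) return err_ptr(-ENOMEM);
    int err = model_alloc_cyclic(&rel->index, outcome);
    if (err < 0) { free(rel); return err_ptr(err); }
    return rel;
}

int main(void)
{
    struct rel *p = rel_alloc_buggy(1);   /* not dereferenced here */
    printf("buggy on wrap: ptr=%p is_err=%d\n", (void *)p, is_err(p));
    struct rel *q = rel_alloc_fixed(1);
    printf("fixed on wrap: is_err=%d index=%u\n", is_err(q), q->index);
    free(q);
    return 0;
}
```

A caller that guards the result only with an IS_ERR()-style check accepts the buggy version's return value on wrap as a valid pointer, which is the dereference of an unallocated pointer the description refers to.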

Affected Version(s)

Linux c137743bce02b18c1537d4681aa515f7b80bf0a8

Linux c137743bce02b18c1537d4681aa515f7b80bf0a8 < 466132f6d28a7e47a82501fe1c46b8f90487412e

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved