CVE-2025-22004
Published: April 4, 2025Last modified: April 4, 2025
Description
In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lec_send() The ->send() operation frees skb so save the length before calling ->send() to avoid a use after free.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 7.8 |
| Attack Vector | LOCAL |
| Attack complexity | LOW |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity impact | HIGH |
| Availability impact | HIGH |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | linux-lts | Fixed (6.1.134-r0) |
| Stream | linux-lts | Fixed (6.6.87-r0) |
References
- https://git.kernel.org/stable/c/326223182e4703cde99fdbd36d07d0b3de9980fb
- https://git.kernel.org/stable/c/50e288097c2c6e5f374ae079394436fc29d1e88e
- https://git.kernel.org/stable/c/51e8be9578a2e74f9983d8fd8de8cafed191f30c
- https://git.kernel.org/stable/c/82d9084a97892de1ee4881eb5c17911fcd9be6f6
- https://git.kernel.org/stable/c/8cd90c7db08f32829bfa1b5b2b11fbc542afbab7
- https://git.kernel.org/stable/c/9566f6ee13b17a15d0a47667ad1b1893c539f730
- https://git.kernel.org/stable/c/f3009d0d6ab78053117f8857b921a8237f4d17b3
- https://git.kernel.org/stable/c/f3271f7548385e0096739965961c7cbf7e6b4762