CVE-2025-22004

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-22004
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-22004.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-22004
Downstream
Related
Published
2025-04-03T07:19:06.022Z
Modified
2025-11-28T02:34:01.154823Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
net: atm: fix use after free in lec_send()
Details

In the Linux kernel, the following vulnerability has been resolved:

net: atm: fix use after free in lec_send()

The ->send() operation frees skb so save the length before calling ->send() to avoid a use after free.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/22xxx/CVE-2025-22004.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed
50e288097c2c6e5f374ae079394436fc29d1e88e
Fixed
8cd90c7db08f32829bfa1b5b2b11fbc542afbab7
Fixed
82d9084a97892de1ee4881eb5c17911fcd9be6f6
Fixed
51e8be9578a2e74f9983d8fd8de8cafed191f30c
Fixed
9566f6ee13b17a15d0a47667ad1b1893c539f730
Fixed
326223182e4703cde99fdbd36d07d0b3de9980fb
Fixed
f3271f7548385e0096739965961c7cbf7e6b4762
Fixed
f3009d0d6ab78053117f8857b921a8237f4d17b3

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2.6.12
Fixed
5.4.292
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.236
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.180
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.132
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.85
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.21
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.13.9