CVE-2025-22016

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-22016

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-22016.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-22016

Downstream

BELL-CVE-2025-22016

DEBIAN-CVE-2025-22016

SUSE-SU-2025:01707-1

SUSE-SU-2025:01919-1

SUSE-SU-2025:01951-1

SUSE-SU-2025:01964-1

SUSE-SU-2025:01967-1

UBUNTU-CVE-2025-22016

USN-7605-1

USN-7605-2

USN-7606-1

USN-7628-1

Related

Published

2025-04-08T09:15:26Z

Modified

2025-08-09T20:01:26Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

dpll: fix xaalloccyclic() error handling

In case of returning 1 from xaalloccyclic() (wrapping) ERRPTR(1) will be returned, which will cause ISERR() to be false. Which can lead to dereference not allocated pointer (pin).

Fix it by checking if err is lower than zero.

This wasn't found in real usecase, only noticed. Credit to Pierre.

References

Affected packages