CVE-2025-22016

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-22016

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-22016.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-22016

Downstream

BELL-CVE-2025-22016

DEBIAN-CVE-2025-22016

SUSE-SU-2025:01707-1

SUSE-SU-2025:01919-1

SUSE-SU-2025:01951-1

SUSE-SU-2025:01964-1

SUSE-SU-2025:01967-1

UBUNTU-CVE-2025-22016

USN-7605-1

USN-7605-2

USN-7606-1

USN-7628-1

USN-7764-1

USN-7764-2

USN-7765-1

USN-7766-1

USN-7767-1

USN-7767-2

USN-7779-1

USN-7790-1

USN-7800-1

USN-7801-1

USN-7801-2

USN-7802-1

USN-7809-1

Related

Published

2025-04-08T08:18:05Z

Modified

2025-10-10T08:17:58.594529Z

Summary

dpll: fix xa_alloc_cyclic() error handling

Details

In the Linux kernel, the following vulnerability has been resolved:

dpll: fix xaalloccyclic() error handling

In case of returning 1 from xaalloccyclic() (wrapping) ERRPTR(1) will be returned, which will cause ISERR() to be false. Which can lead to dereference not allocated pointer (pin).

Fix it by checking if err is lower than zero.

This wasn't found in real usecase, only noticed. Credit to Pierre.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

97f265ef7f5b526b33d6030b2a1fc69a2259bf4a

Fixed

cb2f8a5c1fd9e7a1fefa23afe20570e16da1ada4

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

97f265ef7f5b526b33d6030b2a1fc69a2259bf4a

Fixed

4d350043be684762e581d9bdd32d543621d01a9c

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

97f265ef7f5b526b33d6030b2a1fc69a2259bf4a

Fixed

3614bf90130d60f191a5fe218d04f6251c678e13

Affected versions

v6.*

v6.10

v6.10-rc1

v6.10-rc2

v6.10-rc3

v6.10-rc4

v6.10-rc5

v6.10-rc6

v6.10-rc7

v6.11

v6.11-rc1

v6.11-rc2

v6.11-rc3

v6.11-rc4

v6.11-rc5

v6.11-rc6

v6.11-rc7

v6.12

v6.12-rc1

v6.12-rc2

v6.12-rc3

v6.12-rc4

v6.12-rc5

v6.12-rc6

v6.12-rc7

v6.12.1

v6.12.10

v6.12.11

v6.12.12

v6.12.13

v6.12.14

v6.12.15

v6.12.16

v6.12.17

v6.12.18

v6.12.19

v6.12.2

v6.12.20

v6.12.3

v6.12.4

v6.12.5

v6.12.6

v6.12.7

v6.12.8

v6.12.9

v6.13

v6.13-rc1

v6.13-rc2

v6.13-rc3

v6.13-rc4

v6.13-rc5

v6.13-rc6

v6.13-rc7

v6.13.1

v6.13.2

v6.13.3

v6.13.4

v6.13.5

v6.13.6

v6.13.7

v6.13.8

v6.14-rc1

v6.14-rc2

v6.14-rc3

v6.14-rc4

v6.14-rc5

v6.14-rc6

v6.7

v6.7-rc5

v6.7-rc6

v6.7-rc7

v6.7-rc8

v6.8

v6.8-rc1

v6.8-rc2

v6.8-rc3

v6.8-rc4

v6.8-rc5

v6.8-rc6

v6.8-rc7

v6.9

v6.9-rc1

v6.9-rc2

v6.9-rc3

v6.9-rc4

v6.9-rc5

v6.9-rc6

v6.9-rc7

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

6.8.0

Fixed

6.12.21

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.13.9