CVE-2025-22060
- Source
- https://cve.org/CVERecord?id=CVE-2025-22060
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-22060.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-22060
- Downstream
- Related
- Published
- 2025-04-16T14:12:16.121Z
- Modified
- 2026-03-11T07:47:00.473697Z
- Summary
- net: mvpp2: Prevent parser TCAM memory corruption
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
net: mvpp2: Prevent parser TCAM memory corruption
Protect the parser TCAM/SRAM memory, and the cached (shadow) SRAM information, from concurrent modifications.
Both the TCAM and SRAM tables are indirectly accessed by configuring an index register that selects the row to read or write to. This means that operations must be atomic in order to, e.g., avoid spreading writes across multiple rows. Since the shadow SRAM array is used to find free rows in the hardware table, it must also be protected in order to avoid TOCTOU errors where multiple cores allocate the same row.
This issue was detected in a situation where
mvpp2_set_rx_mode()ran concurrently on two CPUs. In this particular case the MVPP2PEMACUCPROMISCUOUS entry was corrupted, causing the classifier unit to drop all incoming unicast - indicated by therx_classifier_dropscounter. - Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/22xxx/CVE-2025-22060.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/46c1e23e34c9d1eaadf37f88216d9d8ce0d0bcee
- https://git.kernel.org/stable/c/5b0ae1723a7d9574ae1aee7d9cf9757a30069865
- https://git.kernel.org/stable/c/96844075226b49af25a69a1d084b648ec2d9b08d
- https://git.kernel.org/stable/c/b3f48a41a00d6d8d9c6fe09ae47dd21c8c1c8b03
- https://git.kernel.org/stable/c/e3711163d14d02af9005e4cdad30899c565f13fb
- https://git.kernel.org/stable/c/e64e9b6e86b39db3baa576fd73da73533b54cb2d
- https://git.kernel.org/stable/c/fcbfb54a0269875cf3cd6a2bff4f85a2e0a0b552
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/22xxx/CVE-2025-22060.json
- https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html
- https://nvd.nist.gov/vuln/detail/CVE-2025-22060
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced3f518509dedc99f0b755d2ce68d24f610e3a005aFixede3711163d14d02af9005e4cdad30899c565f13fbFixedb3f48a41a00d6d8d9c6fe09ae47dd21c8c1c8b03Fixed5b0ae1723a7d9574ae1aee7d9cf9757a30069865Fixedfcbfb54a0269875cf3cd6a2bff4f85a2e0a0b552Fixede64e9b6e86b39db3baa576fd73da73533b54cb2dFixed46c1e23e34c9d1eaadf37f88216d9d8ce0d0bceeFixed96844075226b49af25a69a1d084b648ec2d9b08d