CVE-2025-22110

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-22110
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-22110.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-22110
Downstream
Published
2025-04-16T15:16:05Z
Modified
2025-08-30T18:01:37Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nfnetlink_queue: Initialize ctx to avoid memory allocation error

It is possible that ctx in nfqnlbuildpacketmessage() could be used before it is properly initialize, which is only initialized by nfqnlgetsksecctx().

This patch corrects this problem by initializing the lsmctx to a safe value when it is declared.

This is similar to the commit 35fcac7a7c25 ("audit: Initialize lsmctx to avoid memory allocation error").

References

Affected packages