CVE-2025-22110

Source
https://nvd.nist.gov/vuln/detail/CVE-2025-22110
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-22110.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-22110
Published
2025-04-16T14:12:57Z
Modified
2025-10-10T08:36:30.100001Z
Summary
netfilter: nfnetlink_queue: Initialize ctx to avoid memory allocation error
Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nfnetlink_queue: Initialize ctx to avoid memory allocation error

It is possible that ctx in nfqnl_build_packet_message() could be used before it is properly initialized, which is only initialized by nfqnl_get_sk_secctx().

This patch corrects this problem by initializing the lsmctx to a safe value when it is declared.

This is similar to the commit 35fcac7a7c25 ("audit: Initialize lsmctx to avoid memory allocation error").

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
2d470c778120d3cdb8d8ab250329ca85f49f12b1
Fixed
ddbf7e1d82a1d0c1d3425931a6cb1b83f8454759
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
2d470c778120d3cdb8d8ab250329ca85f49f12b1
Fixed
778b09d91baafb13408470c721d034d6515cfa5a

Affected versions

v6.*

v6.13
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.14
v6.14-rc1
v6.14-rc2
v6.14-rc3
v6.14-rc4
v6.14-rc5
v6.14-rc6
v6.14-rc7
v6.14.1

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.14.0
Fixed
6.14.2