Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: Initialize ctx to avoid memory allocation error It is possible that ctx in nfqnl_build_packet_message() could be used before it is properly initialize, which is only initialized by nfqnl_get_sk_secctx(). This patch corrects this problem by initializing the lsmctx to a safe value when it is declared. This is similar to the commit 35fcac7a7c25 ("audit: Initialize lsmctx to avoid memory allocation error").

INFO

Published Date :

2025-04-16T14:12:57.061Z

Last Modified :

2025-05-26T05:18:41.248Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-22110 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-22110.

URL Resource
https://git.kernel.org/stable/c/778b09d91baafb13408470c721d034d6515cfa5a cve-icon cve-icon
https://git.kernel.org/stable/c/ddbf7e1d82a1d0c1d3425931a6cb1b83f8454759 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025041624-CVE-2025-22110-6a28@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-22110 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-22110 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact