CVE-2025-22117

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2025-22117

Severity

Unknown

Summary

ice: fix using untrusted value of pkt_len in ice_vc_fdir_parse_raw()

Description

In the Linux kernel, the following vulnerability has been resolved:

ice: fix using untrusted value of pkt_len in ice_vc_fdir_parse_raw()

Fix using the untrusted value of proto->raw.pkt_len in function ice_vc_fdir_parse_raw() by verifying if it does not exceed the VIRTCHNL_MAX_SIZE_RAW_PACKET value.

References

https://images.chainguard.dev/security/CGA-v7gp-hh9f-j733
https://github.com/advisories/GHSA-76xf-w35q-qjmg
https://images.chainguard.dev/security/CGA-v4fr-q3vm-p67m
https://images.chainguard.dev/security/CGA-xrrj-mpch-cv87
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
https://git.kernel.org/stable/c/1388dd564183a5a18ec4a966748037736b5653c5
https://git.kernel.org/stable/c/362f704ba73a359db9cded567e891d9a8f081875

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

CVE-2025-22117

Severity

Summary

Description

References

Affected packages

The trusted source for open source

Product

Solutions

Customers

Resources

Company