CVE-2025-22117

MEDIUM EPSS 4.9%
Published Apr 16, 20251y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Apr 16, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: ice: fix using untrusted value of pkt_len in ice_vc_fdir_parse_raw() Fix using the untrusted value of proto->raw.pkt_len in function ice_vc_fdir_parse_raw() by verifying if it does not exceed the VIRTCHNL_MAX_SIZE_RAW_PACKET value.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
4.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 1

VendorProductVersionRange
linuxlinux_kernel*≥6.12  –  <6.14.2

References 3

  • git.kernel.org https://git.kernel.org/stable/c/1388dd564183a5a18ec4a966748037736b5653c5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/362f704ba73a359db9cded567e891d9a8f081875
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/363377af2c9e874fbba3a199408f8ec7b37906f7

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/1388dd564183a5a18ec4a966748037736b5653c5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/362f704ba73a359db9cded567e891d9a8f081875
    Patch