{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T15:45:49.615","vulnerabilities":[{"cve":{"id":"CVE-2025-22017","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-04-08T09:15:26.557","lastModified":"2025-10-28T17:08:48.157","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndevlink: fix xa_alloc_cyclic() error handling\n\nIn case of returning 1 from xa_alloc_cyclic() (wrapping) ERR_PTR(1) will\nbe returned, which will cause IS_ERR() to be false. Which can lead to\ndereference not allocated pointer (rel).\n\nFix it by checking if err is lower than zero.\n\nThis wasn't found in real usecase, only noticed. Credit to Pierre."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: devlink: corrección de la gestión de errores de xa_alloc_cyclic(). Si se devuelve 1 desde xa_alloc_cyclic() (wrapping), se devolverá ERR_PTR(1), lo que hará que IS_ERR() sea falso. Esto puede provocar la desreferenciación de un puntero no asignado (rel). Se corrige comprobando si err es menor que cero. Esto no se detectó en un caso práctico real, solo se detectó. Gracias a Pierre."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.21","matchCriteriaId":"3B63C450-D73B-4A53-9861-98E25C16E842"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.13.9","matchCriteriaId":"FAECBE4D-58CF-4836-BBAB-5E28B800A778"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.14:rc1:*:*:*:*:*:*","matchCriteriaId":"186716B6-2B66-4BD0-852E-D48E71C0C85F"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.14:rc2:*:*:*:*:*:*","matchCriteriaId":"0D3E781C-403A-498F-9DA9-ECEE50F41E75"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.14:rc3:*:*:*:*:*:*","matchCriteriaId":"66619FB8-0AAF-4166-B2CF-67B24143261D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.14:rc4:*:*:*:*:*:*","matchCriteriaId":"D3D6550E-6679-4560-902D-AF52DCFE905B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.14:rc5:*:*:*:*:*:*","matchCriteriaId":"45B90F6B-BEC7-4D4E-883A-9DBADE021750"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.14:rc6:*:*:*:*:*:*","matchCriteriaId":"1759FFB7-531C-41B1-9AE1-FD3D80E0D920"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.14:rc7:*:*:*:*:*:*","matchCriteriaId":"AD948719-8628-4421-A340-1066314BBD4A"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/466132f6d28a7e47a82501fe1c46b8f90487412e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f3b97b7d4bf316c3991e5634c9f4847c2df35478","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f8aaa38cfaf6f20afa4db36b6529032fb69165dc","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}