7.8

CVE-2025-22004

net: atm: fix use after free in lec_send()

In the Linux kernel, the following vulnerability has been resolved:

net: atm: fix use after free in lec_send()

The ->send() operation frees skb so save the length before calling
->send() to avoid a use after free.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.12 < 6.1.132
LinuxLinux Kernel Version >= 6.2 < 6.6.85
LinuxLinux Kernel Version >= 6.7 < 6.12.21
LinuxLinux Kernel Version >= 6.13 < 6.13.9
LinuxLinux Kernel Version6.14 Updaterc1
LinuxLinux Kernel Version6.14 Updaterc2
LinuxLinux Kernel Version6.14 Updaterc3
LinuxLinux Kernel Version6.14 Updaterc4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.19% 0.093
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://git.kernel.org/stable/c/326223182e4703cde99fdbd36d07d0b3de9980fb
Patch
https://git.kernel.org/stable/c/51e8be9578a2e74f9983d8fd8de8cafed191f30c
Patch
https://git.kernel.org/stable/c/9566f6ee13b17a15d0a47667ad1b1893c539f730
Patch
https://git.kernel.org/stable/c/f3009d0d6ab78053117f8857b921a8237f4d17b3
Patch
https://git.kernel.org/stable/c/f3271f7548385e0096739965961c7cbf7e6b4762
Patch
https://git.kernel.org/stable/c/50e288097c2c6e5f374ae079394436fc29d1e88e
https://git.kernel.org/stable/c/82d9084a97892de1ee4881eb5c17911fcd9be6f6
https://git.kernel.org/stable/c/8cd90c7db08f32829bfa1b5b2b11fbc542afbab7
https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html
https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html