CVE-2025-22004

net: atm: fix use after free in lec_send()

Published: 4/3/2025 Last updated: 5/4/2025 Reserved: 12/29/2024

In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lec_send() The ->send() operation frees skb so save the length before calling ->send() to avoid a use after free.

CNA assigner: Linux (416baaa9-dc9f-4396-8d5f-8c081fb06d67) Requested by: n/a

Metrics

Version	Score	Severity	Vector String
3.1	7.8	High	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Opam packages affected (27)

albatross cdrom conf-bpftool conf-libbpf conf-linux-libc-dev core core_unix hvsock mirage-block-unix mm ocaml-probes orun rawlink rawlink-eio rawlink-lwt shell solo5 solo5-bindings-hvt solo5-bindings-spt solo5-cross-aarch64 solo5-kernel-ukvm tracy-client tuntap uring vhd-format vhd-format-lwt xapi-stdext-unix

Products affected (2)

Product	Vendor	Version
Linux	Linux	n/a
Linux	Linux	<= 2.4.8

References (8)

https://git.kernel.org/stable/c/50e288097c2c6e5f374ae079394436fc29d1e88e
https://git.kernel.org/stable/c/8cd90c7db08f32829bfa1b5b2b11fbc542afbab7
https://git.kernel.org/stable/c/82d9084a97892de1ee4881eb5c17911fcd9be6f6
https://git.kernel.org/stable/c/51e8be9578a2e74f9983d8fd8de8cafed191f30c
https://git.kernel.org/stable/c/9566f6ee13b17a15d0a47667ad1b1893c539f730
https://git.kernel.org/stable/c/326223182e4703cde99fdbd36d07d0b3de9980fb
https://git.kernel.org/stable/c/f3271f7548385e0096739965961c7cbf7e6b4762
https://git.kernel.org/stable/c/f3009d0d6ab78053117f8857b921a8237f4d17b3