CVE-2025-22101

In the Linux kernel, the following vulnerability has been resolved: net: libwx: fix Tx L4 checksum The hardware only supports L4 checksum offload for TCP/UDP/SCTP protocol. There was a bug to set Tx checksum flag for the other protocol that results in Tx ring hang. Fix to compute software checksum for these packets.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/5f583e059eced1857f41e221ef5951e029e632bd	Patch
https://git.kernel.org/stable/c/6d56ea133adf0389b216ba6e47f7f35e95776713	Patch
https://git.kernel.org/stable/c/c7d82913d5f9e97860772ee4051eaa66b56a6273	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

No history.

Information

Published : 2025-04-16 15:16

Updated : 2025-11-04 17:04

NVD link : CVE-2025-22101

Mitre link : CVE-2025-22101

CVE.ORG link : CVE-2025-22101

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-noinfo

{"id": "CVE-2025-22101", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2025-04-16T15:16:04.460", "references": [{"url": "https://git.kernel.org/stable/c/5f583e059eced1857f41e221ef5951e029e632bd", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/6d56ea133adf0389b216ba6e47f7f35e95776713", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/c7d82913d5f9e97860772ee4051eaa66b56a6273", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: fix Tx L4 checksum\n\nThe hardware only supports L4 checksum offload for TCP/UDP/SCTP protocol.\nThere was a bug to set Tx checksum flag for the other protocol that results\nin Tx ring hang. Fix to compute software checksum for these packets."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: libwx: correcci\u00f3n de la suma de comprobaci\u00f3n L4 de transmisi\u00f3n. El hardware solo admite la descarga de la suma de comprobaci\u00f3n L4 para el protocolo TCP/UDP/SCTP. Se detect\u00f3 un error al configurar el indicador de suma de comprobaci\u00f3n de transmisi\u00f3n para el otro protocolo, lo que provoca el bloqueo del anillo de transmisi\u00f3n. Se ha corregido el c\u00e1lculo de la suma de comprobaci\u00f3n de software para estos paquetes."}], "lastModified": "2025-11-04T17:04:49.470", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E79E6AF-9150-42F6-9F98-BC9ED7BFE2E4", "versionEndExcluding": "6.12.36", "versionStartIncluding": "6.5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "633A38C1-75C8-452D-8F1C-DA0269FD2687", "versionEndExcluding": "6.14.2", "versionStartIncluding": "6.13"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}