CVE-2025-22063
MEDIUMLinux Kernel 4.8-6.14.2 - NULL Pointer Dereference in netlbl_conn_setattr
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets When calling netlbl_conn_setattr(), addr->sa_family is used to determine the function behavior. If sk is an IPv4 socket, but the connect function is called with an IPv6 address, the function calipso_sock_setattr() is triggered. Inside this function, the following code is executed: sk_fullsock(__sk) ? inet_sk(__sk)->pinet6 : NULL; Since sk is an IPv4 socket, pinet6 is NULL, leading to a null pointer dereference. This patch fixes the issue by checking if inet6_sk(sk) returns a NULL pointer before accessing pinet6.
References (11)
Core 11
Core References
Scores
CVSS v3
5.5
EPSS
0.0023
EPSS Percentile
13.7%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-476
Status
published
Products (29)
linux/Kernel
4.8.0 - 5.4.292linux
linux/Kernel
5.11.0 - 5.15.180linux
linux/Kernel
5.16.0 - 6.1.134linux
linux/Kernel
5.5.0 - 5.10.236linux
linux/Kernel
6.13.0 - 6.13.11linux
linux/Kernel
6.14.0 - 6.14.2linux
linux/Kernel
6.2.0 - 6.6.87linux
linux/Kernel
6.7.0 - 6.12.23linux
Linux/Linux
< 4.8
Linux/Linux
4.8
... and 19 more
Published
Apr 16, 2025
Tracked Since
Feb 18, 2026