CVE-2025-22001

In the Linux kernel, the following vulnerability has been resolved:

accel/qaic: Fix integer overflow in qaic_validate_req()

These are u64 variables that come from the user via
qaic_attach_slice_bo_ioctl().  Use check_add_overflow() to ensure that
the math doesn't have an integer wrapping bug.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
LinuxCNA
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 1%
VendorProductVersion
linuxlinux_kernel
6.4 ≤
𝑥
< 6.6.85
linuxlinux_kernel
6.7 ≤
𝑥
< 6.12.21
linuxlinux_kernel
6.13 ≤
𝑥
< 6.13.9
linuxlinux_kernel
6.14:rc1
linuxlinux_kernel
6.14:rc2
linuxlinux_kernel
6.14:rc3
linuxlinux_kernel
6.14:rc4
linuxlinux_kernel
6.14:rc5
linuxlinux_kernel
6.14:rc6
linuxlinux_kernel
6.14:rc7
𝑥
= Vulnerable software versions
Common Weakness Enumeration
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/4b2a170c25862ad116bd31be6b9841646b4862e8
https://git.kernel.org/stable/c/57fae0c505f49bb1e3d5660cd2cc49697ed85f7c
https://git.kernel.org/stable/c/67d15c7aa0864dfd82325c7e7e7d8548b5224c7b
https://git.kernel.org/stable/c/b362fc904d264a88b4af20baae9e82491c285e9c