CVE-2025-22064

EUVD-2025-11231
In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: don't unregister hook when table is dormant

When nf_tables_updchain encounters an error, hook registration needs to
be rolled back.

This should only be done if the hook has been registered, which won't
happen when the table is flagged as dormant (inactive).

Just move the assignment into the registration block.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 31%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
6.3.3 ≤
𝑥
< 6.6.87
linuxlinux_kernel
6.7 ≤
𝑥
< 6.12.23
linuxlinux_kernel
6.13 ≤
𝑥
< 6.13.11
linuxlinux_kernel
6.14 ≤
𝑥
< 6.14.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
6.1.170-3
fixed
bookworm (security)
6.1.174-1
fixed
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.257-1
fixed
forky
7.0.9-1
fixed
sid
7.0.10-1
fixed
trixie
6.12.86-1
fixed
trixie (security)
6.12.90-2
fixed
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
kernel-64kb
suse enterprise desktop 15 SP6
6.4.0-150600.23.50.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.50.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.50.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.3.1
fixed
kernel-azure
suse enterprise sap 15 SP6
6.4.0-150600.8.37.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.20.3.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.8.37.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.20.3.1
fixed
kernel-default
suse enterprise desktop 15 SP6
6.4.0-150600.23.50.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.50.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.50.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.3.1
fixed
kernel-default-base
suse enterprise desktop 15 SP6
6.4.0-150600.23.50.1.150600.12.22.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.3.1.150700.17.2.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.50.1.150600.12.22.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.3.1.150700.17.2.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.50.1.150600.12.22.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.3.1.150700.17.2.1
fixed
kernel-docs
suse enterprise desktop 15 SP6
6.4.0-150600.23.50.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.50.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.50.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.3.1
fixed
kernel-macros
suse enterprise desktop 15 SP6
6.4.0-150600.23.50.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.50.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.50.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.3.1
fixed
kernel-obs-build
suse enterprise desktop 15 SP6
6.4.0-150600.23.50.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.50.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.50.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.3.1
fixed
kernel-source
suse enterprise desktop 15 SP6
6.4.0-150600.23.50.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.50.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.50.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.3.1
fixed
kernel-source-azure
suse enterprise sap 15 SP6
6.4.0-150600.8.37.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.20.3.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.8.37.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.20.3.1
fixed
kernel-syms
suse enterprise desktop 15 SP6
6.4.0-150600.23.50.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.50.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.50.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.3.1
fixed
kernel-syms-azure
suse enterprise sap 15 SP6
6.4.0-150600.8.37.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.20.3.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.8.37.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.20.3.1
fixed
kernel-zfcpdump
suse enterprise desktop 15 SP6
6.4.0-150600.23.50.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.50.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.50.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.3.1
fixed
References
https://git.kernel.org/stable/c/03d1fb457b696c18fe15661440c4f052b2374e7e
https://git.kernel.org/stable/c/6134d1ea1e1408e8e7c8c26545b3b301cbdf1eda
https://git.kernel.org/stable/c/688c15017d5cd5aac882400782e7213d40dc3556
https://git.kernel.org/stable/c/ce571eba07d54e3637bf334bc48376fbfa55defe
https://git.kernel.org/stable/c/feb1fa2a03a27fec7001e93e4223be4120d1784b