CVE-2025-22006: 
Linux Kernel vulnerability analysis and mitigation

CVE-2025-22006 is a vulnerability in the Linux kernel affecting the network ethernet driver for Texas Instruments AM65 CPSW (Common Platform Switching Wrapper). The vulnerability was discovered and disclosed on April 3, 2025, affecting Linux kernel versions from 6.12.14 up to 6.12.21 and from 6.13.3 up to 6.13.9 (NVD).

The vulnerability stems from an improper NAPI (New API) registration sequence in the network driver. Specifically, the issue occurs when interrupts for TX or RX DMA Channels are registered before their respective NAPI callbacks, which can lead to a NULL pointer dereference. The vulnerability is classified as CWE-476 (NULL Pointer Dereference) and has received a CVSS v3.1 base score of 5.5 (Medium), with a vector string of CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability manifests as a random occurrence, dependent on the timing of traffic generation by Linux and reception of traffic from the network. When triggered, it results in a NULL pointer dereference that could lead to system crashes or denial of service conditions (NVD).

The vulnerability has been fixed in Linux kernel versions 6.12.21 and later, as well as 6.13.9 and later. Several Linux distributions have released patches, including Debian which has fixed versions available in bullseye (5.10.234-1), bookworm (6.1.133-1), and trixie (6.12.21-1) releases (Debian Tracker).