CVE-2025-22056: 
Linux Kernel vulnerability analysis and mitigation

CVE-2025-22056 is a vulnerability discovered in the Linux kernel's netfilter component, specifically in the nft_tunnel functionality. The vulnerability was disclosed on April 16, 2025, affecting the Linux kernel's handling of NFTA_TUNNEL_KEY_OPTS_GENEVE attributes (NVD).

The vulnerability stems from a type confusion issue in the netfilter's nft_tunnel component when handling multiple NFTA_TUNNEL_KEY_OPTS_GENEVE attributes. The parsing logic should place every geneve_opt structure compactly, but the current implementation performs incorrect type conversion before pointer addition, leading to a heap out-of-bounds write condition. This was confirmed through KASAN (Kernel Address Sanitizer) detection showing a slab-out-of-bounds write of size 124 bytes (NVD, Red Hat).

The vulnerability results in a heap out-of-bounds write condition which could potentially lead to memory corruption in the kernel. The severity is rated as Important with a CVSS v3.1 base score of 5.5 (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) (Red Hat).

The vulnerability has been fixed in Linux kernel version 6.12.25-1 for the unstable branch. Various Linux distributions have released patches, including Debian which has marked the fix as available in version 6.12.25-1 while older versions remain vulnerable (Debian Tracker).